Virtual  Showdown  WLAN  vendors  duke  it  out  online  this 

week.  Log  on  to  participate  at  www.nwfusion.com,  DocFinder.  1340. 


Clear  Choice  Test  Apple  OS/X  10.3  Panther  sports 

strong  management  features,  Microsoft  support  PAGE  45. 
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A  Wider  Net 

Networking 
is  a  joke 

The  geekier  the  audi¬ 
ence  the  better  for 
comedian  Don 
McMillan, 
whose  bits 
have  bite. 

■  BY  NEAL 
WEINBERG 

Don  Mc¬ 
Millan  beta- 
tests  his  jokes. 

He  uses  PowerPoint  in  his 
act. 

His  repertoire  includes 
gags  about  DRAM,  SSL  and 
ASCI I. The  more  obscure  the 
reference,  the  better  Mc¬ 
Millan  likes  it.The  44-year-old 
former  chip  designer  has 
carved  out  a  successful 
comedy  career  that  includes 
both  high-tech  comedy  and 
a  somewhat  more  main¬ 
stream  act.  But  get  McMillan 
in  front  of  a  bunch  of  geeks, 
and  he’s  in  his  element. 

“I  tell  jokes  nobody  can 
even  get  near,  jokes  about 
error  correction,  jokes  that 
have  never  been  told  be¬ 
fore,”  he  saysTMy  big  thing 
was  physics.  So  I  tell  jokes 
about  pi  mesons  [sub¬ 
atomic  particles].” 

See  McMillan,  page  61 


Novell  moves  beyond  NetWare 


■  BY  DENI  CONNOR 

SALT  LAKE  CITY  —  Novell  insists  this  isn’t 
the  end  of  NetWare. 

However,  NetWare  6.5  will  indeed  be  the 
last  operating  system  that  customers  can 
buy  under  that  brand  name.  And  Novell’s 
next-generation  operating  system  —  Open 
Enterprise  Server  (OES),  which  includes 
NetWare  and  Linux  kernels  —  will  represent 
a  radical  departure  from  the  NetWare  that 
has  been  an  industry  staple  for  20  years. 

Customers  and  industry  watchers  inter¬ 
viewed  last  week  at  the  company’s  annual 
BrainShare  conference  generally  applauded 
Novell’s  latest  move  to  embrace  Linux.  They 
said  the  company’s  strategy  would  increase 


the  chances  that  customers  will  transition 
toward  the  company’s  Linux  products  rather 
than  jump  ship  to  Microsoft. 

“What  Novell  is  doing  makes  a  lot  of  sense,” 
says  A1  Gillen,  research  director  of  system  soft¬ 
ware  at  1DC.“I  don’t  see  [the  name  change]  as 
a  negative.  Customers  need  to  have  a  pathway 
to  move  ahead.  OES  will  give  Novell  cus¬ 
tomers  more  confidence  that  their  de¬ 
ployments  are  safe.” 

OES  will  consist  of  a  new  NetWare  kernel 
and  the  SuSe  Enterprise  Linux  kernel,  with 
services  such  as  Novell’s  file,  print,  directory 
and  management  services  layered  on  top. 

Novell  says  renaming  its  flagship  operating 
system  was  a  difficult  decision. 

See  NetWare,  page  60 


NetWare's  share 

The  venerable  operating  system  remains 
a  key  revenue  source  for  Novell. 


Identity  and  management 

9% 
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Consulting 
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platform 

software 
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Tester’s 


Fix  the  patch  update  systemU 


Major  operating  system 
vendors  defend  existing 
security  information 
efforts. 

■  BY  CHRISTINE  BURNS  AND 
RODNEY  THAYER 

Network  World's  most  recent 
Tester’s  Challenge  published  two 
weeks  ago  called  on  the  major 
operating  system  vendors  to 
streamline  the  process  of  supply¬ 
ing  security  update  information 
to  customers. 

Our  charge  was  that,  while  infor¬ 


mation  might  be  available  on  ven¬ 
dor  Web  sites,  it’s  hard  to  locate 
and  in  some  cases  is  incomplete. 

Told  that  their  tools  are  hard  to 
use  and  inadequate,  Microsoft,  No¬ 
vell,  Apple  and  Red  Hat  chose  to 
defend  their  existing  approaches. 
None  offered  any  insight  about 


how  they  intend  to  improve  the 
situation  other  than  to  point  to 
existing  plans  to  automate  update 
tools,  which  might  obviate  the 
need  to  disseminate  some  secur¬ 
ity  information. 

We  offered  Microsoft  800  words 
to  respond  to  this  challenge  in 


print,  and  while  the  company  de¬ 
clined  to  write  a  formal  response, 
it  did  agree  to  talk  to  us  about  its 
Web-based  security  resources. 

“I  can’t  say  that  we  hear  much 
about  our  strategy  for  pushing  out 
security  information  being  off 
course,  but  we  do  hear  often  that 
we  can  tactically  make  it  better 
says  Stephen  Toulouse,  a  security 
program  manager  with  the  Micro¬ 
soft  Security  Response  Center. 

See  Challenge,  page  60 


Network  executives 
share  their  wisdom 
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William  Boni,  Motorola  vice  president  and  chief 
information  security  officer,  offers  his 
thoughts  on: 


•  Intrusion  detection  and  prevention. 

•  How  Motorola  is  protecting  itself; 

•  Why  IT  security  folks  need  to  stick  together.  \ 
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Faster  than  the  speed  of  change. 


Be  nimble.  Be  quick.  HP  Integrity  Servers  are  capable  of  executing  one  million 
transactions  per  minute  and  built  to  run  multiple  operating  systems  simultaneously. 
Supported  by  Intel®  Itanium®  2  technology,  Integrity  is  the  most  powerful  line  of 
industry-standard  servers  available  today.  Providing  you  with  the  computing 
power  to  adapt,  evolve  and  change  faster  than  anyone,  anywhere,  at  any  time. 
www.hp.com/info/integrity 
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“Check  Point  Express  brings 
enterprise-class  security  to 
the  mid-sized  company  at  a 
price  and  performance  level 
that  meets  their  needs!’ 


Charles  Kolodgy,  Research  Director, 
Security  Products,  IDC 


Complete  solutions 
Best  security. 
Highly  reliable. 
Cost  effective. 


Check  Point 


SOFTWARE  TECHNOLOGIES  LTD. 


We  Secure  the  Internet. 


Secure  your  business  with  Check  Point  Express. 

Your  business  deserves  the  best  security  solution  available  today:  Check  Point  Express1.”  Designed  for  companies  with 
100-500  employees,  Check  Point  Express  protects  your  business  with  the  same  superior  firewall  and  VPN 
technology  that  secures  97  of  the  Fortune  100.  Yet  it’s  priced  right  for  mid-size  businesses.  With  Check  Point  Express, 
you’ll  get  performance  you  can  always  rely  on,  and  security  you  don’t  have  to  worry  about.  Its  unique  features  include 
intelligent  network  and  application-level  protection.  And  its  intuitive  interface  simplifies  every  aspect  of  security 
management.  There  is  no  better  way  to  secure  your  critical  network  resources  and  connect  remote  users  and  sites. 
See  for  yourself.  Compare  Check  Point  Express  to  competing  offerings  at  www.checkpoint.com/compareexpress. 

••m-ffiS; ^  Check  Point  Express  comes  pre-installed  on  appliances  from  Sun  and  Nokia 
HflHHHHIBi  and  runs  on  open  servers  from  Dell,  IBM,  and  other  leading  manufacturers. 
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■  19  Falling  10G  prices,  copper 
version  might  attract  users. 
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Sockets  Layer  remote-access  gear. 
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FaceOffi  Two  industry  insiders  debate  the  best 
way  to  deal  with  software  flaws.  Page  44. 
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OS/X  Panther  10.3 

Apple's  OS/X  Panther  purrs  with  more  management  savvy.  Page  45. 


Visualware’s  VtsualRoute  8.0a 

Visualware's  VisualRoute  8.0a  offers  a  visual  way  to  trace  Internet  routes.  Page  47. 
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midsize  business  gateways. 
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The  Nokia 
7610  stood 
out  among  the 
many  camera 
phones  at  CTIA. 
Page  40. 


NetWorker 


■  35  Despite 
improving  video  col¬ 
laboration  tools, 
remote  work¬ 
ers  still 
camera- 
shy. 


Virtual  Showdown:  Wireless  switching 

In  a  weeklong  discussion  forum  our  panel  of  experts  will  pose  questions 
to  Airespace,  Aruba,  Chantry,  Extreme,  Symbol  and  Trapeze.  On  Monday, 
well  post  their  answers.  On  Tuesday  and  Wednesday,  the  vendors  get  to 
question  each  other.  Then  well  open  the  discussion  to  Fusion  users.  Get 
the  answers  you  need  online.  DocFinder  1344 

Exclusive 


Your  news,  how  you  want  it 

Track  just  the  technologies,  companies  and  authors  you're  interested  in 
—  we've  got  more  than  60  different  RSS  feeds.  DocFinder:  7442 

New  standards  page 

The  nice  thing  about  standards  is  how  many  of  them  there  are,  right? 
Keep  up  with  all  the  standards  work  out  there  with  our  new  standards 
page.  DocFinder:  7628 

Seminars  and  events 


Messaging:  From  chaos  to  control 

Messaging  is  in  crisis.  Ever-escalating  e-mail  assaults  now  threaten 
core  competencies  of  even  the  most  sophisticated  corporations.  It's 
time  for  better,  more  aggressive  answers  that  again  make  messaging 
a  corporate-safe  application.  Industry  expert  and  Network  World 
Columnist  Mark  Gibbs  will  present  the  latest  demos  and  new  tools. 
DocFinder:  9876 
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Wireless  Wizards 

My  802.11g  PC  Card  stinks! 

The  Wizards  help  a  reader  who’s  disappointed  with  his 
802.11g  setup.  Find  out  if  it's  the  equipment  or  the 
technology.  DocFinder:  1345 

Telework  Beat 

Defining  the  future  of  work 

Net.Worker  Managing  Editor  Toni  Kistner  says  the  two-day 
Future  of  Work  conference  spawned  big  ideas  and  a  common 
purpose. 

DocFinder:  1346 
Small  Business  Tech 

More  friends  of  small  businesses 

Columnist  James  Gaskin  examines  HP's  new  initiative,  a 

S99  PC.  DocFinder:  1347 

Digital  Domicile 

Home  network  market  update 

Columnist  Mike  Wolf  reviews  the  big  winners  in  2003  and 

makes  predictions  for  2004. 

DocFinder:  1348 
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News 


Microsoft  to  appeal  EU  ruling 

■  After  being  slapped  with  a  record  $611  million  fine  last  week  by 
the  European  Commission  for  violating  European  Union  anti-trust 
laws,  Microsoft  said  it  would  appeal  the  ruling,  a  process  that 
could  take  five  years.  The  EU  ordered  Microsoft  to  unbundle 
Windows  Media  Player  within  90  days  and  make  certain  server 
protocols  available  to  competitors.  “We  believe  every  company 
should  have  the  ability  to  improve  its  products  to  meet  the  needs 
of  consumers,”  said  Microsoft  CEO  Steve  Ballmer.  He  expressed 
disappointment  that  the  EU  decided  to  pursue  the  “riskier  course 
of  litigation”  instead  of  agreeing  to  a  settlement,  which  he  said  is 
still  a  possibility.  EU  competition  commissioner  Mario  Monti  used 
similar  language  in  defending  the  ruling,  saying, “Our  decision  is 
about  protecting  consumer  choice  and  innovation.”  With  the  fine 
representing  just  more  than  1%  of  Microsoft’s  $53  billion  in  cash 
reserves,  Goldman  Sachs  said  it  appears  the  decision  will  not 
have  a  significant  effect  on  Microsoft’s  business  but  potentially 
could  constrain  the  company  from  adding  major  features  to 
Windows  in  the  future. 

Experts  say  Witty  Worm  quick  on  its  feet 

■  The  Witty  Worm,  originally  discovered  by  eEye  Digital  Security,  recently  began 
spreading  to  attack  and  compromise  the  intrusion-protection  products  Blacklce  and 
RealSecure  from  Internet  Security  Systems  just  two  days  after  ISS  disclosed  the  vul¬ 
nerability  associated  with  these  products. This  fast  turnaround  time  in  transforming  a 
publicly  disclosed  vulnerability  into  an  actual  worm-based  exploit  caught  the  atten¬ 
tion  of  security  experts,  especially  because  the  Witty  Worm  seeks  to  destroy  the  hard 
drive  by  writing  nonsense  code  to  it. William  Boni,  Motorola’s  vice  president  and  chief 
information  security  officer,  even  had  cause  to  allude  to  the  Witty  Worm  in  his  keynote 
address  last  week  at  the  InfoSec  World  conference  (see  related  stories  on  pages  8  and 
16).  Motorola  uses  ISS  products  and  had  to  rapidly  upgrade  with  a  patch  to  prevent 
worm  infections. 

HP  files  patent  suit  against  Dell 

■  HP  has  filed  a  lawsuit  against  Gateway  that  accuses  HP’s  rival  of  violating  six  tech¬ 
nology  patents  relating  to  desktop,  notebook  and  server  computer  systems.  The  suit, 
which  was  filed  last  week  in  federal  district  court  in  San  Diego,  alleges  that  Gateway  vio¬ 
lated  HP’s  patents  in  areas  including  graphics,  power  management  and  notebook 
design,  says  Joe  Beyers,  vice  president  of  intellectual  property  licensing  at  HPGateway 
previously  had  licensed  some  of  the  patents  in  question,  Beyers  says.  “Many  of  these 

COMPENDIUM 

What’s  old  is  new  again 

The  Speak  &  Spell  Emulator  is  exactly  what  it  sounds  like  -  an  online  simulation  of 
one  of  those  1970s-era  Texas  Instruments  toys,  right  down  to  the  creepy  electronic 

voice.  Try  it  out  at  www.nwfusion.com,  DocFinder:  1334. 


Allen  for  Aliens. 

We’re  not  sure  it’s  what  we’d  spend 
$13.5  million  on  if  we  had  the 
money,  but  news  broke  last  week 
that  Microsoft  co-founder  Paul 
Allen  is  putting  up  that  much  to 
fund  development  of  powerful  radio 
telescopes  to  search  for  signs  of 
extraterrestrial  life.  > 

Don't  blame  the  outsourcers. 

To  read  the  new  American  Electronics  Association 
report  on  offshore  outsourcing,  the  group  has 
had  just  about  enough  of  Americans  fussing  about 
people  in  other  countries  swiping  their  jobs.  The 
group  recommends  putting  pressure  on  the  U.S. 
government  to  better  educate  its  citizens  in  math 
and  science.  See  the  report  at  www.nwfusion 
.com,  DocFinder:1332. 

Web  IH6SS.  The  Department  of  the 
Interior’s  Web  site  literally  has  had  its  ups  and  downs  of  late.  A  federal  judge  recently 
forced  the  department  to  shut  down  its  site,  which  is  said  to  have  inadequate 
security.  But  last  week  an  appeals  court  ruled  the  site  could  go  back  up.  One  result 
of  the  closed  site  was  that  states  used  to  getting  millions  of  dollars  in  monthly 
payments  via  the  department  related  to  royalties  from  American  Indian  land  were 
going  to  have  to  wait  until  the  Web-based  system  for  processing  and  distributing 
the  money  was  reactivated. 


www.nwfusion.com 


were  licensed  to  Gateway  from  1994  to  1999,”  he  says.They  then  refused  to  renew  that 
license  going  forward  after  1999.”  Gateway  vowed  to  fight  the  suit.  Last  year,  HP  formed 
an  intellectual  property  licensing  division  to  expand  and  oversee  licensing  of  the  com¬ 
pany’s  patent  portfolio.  Wednesday’s  lawsuit  is  the  first  to  emerge  from  the  division, 
which  helped  increase  HP’s  revenue  from  royalties  by  50%  in  2003, according  to  Beyers. 

'Phishing'  scam  targets  A0L,  PayPal 

■  The  Federal  Trade  Commission  and  the  Department  of  Justice  has  acted  to  halt  a  fake- 
Web  and  e-mail “phishing”scam  that  had  conned  hundreds  of  users  into  giving  credit  card 
and  bank  account  numbers  to  Web  sites  that  looked  like  those  of  AOL  and  PayPhl.The  FTC 
charged  Zachary  Keith  Hill  of  Houston  with  deceptive  and  unfair  practices,  and  the 
Justice  Department  named  Hill  as  a  defendant  in  a  criminal  case  it  filed  in  Virginia. 

Deloitte  sees  more  telecom  'offshoring' 

■  Telecom  operators  will  be  the  next  to  benefit  from  the  cost  savings  and  enhanced  ser¬ 
vices  made  possible  by  moving  operations  overseas,  according  to  a  new  Deloitte  Re¬ 
search  survey  However,  the  researcher  warned  that  operation  complexity,  loss  of  control, 
language,  cultural  barriers  and  objections  from  home  country  groups  that  do  not  want 
to  see  local  jobs  go  overseas  present  obstacles.  Global  operators  are  expected  to  “off¬ 
shore”  5%  of  the  industry’s  5.5  million-strong  labor  force, or  275,000  jobs,  by  2008, the  pro¬ 
fessional  services  and  advice  organization  said  last  week.  What’s  more,  the  industry  is 
expected  to  reap  cost  savings  of  $14  billion  per  year  by  2008  from  improved  call  center 
capabilities  and  enhanced  broadband  and  mobile  data  services,  the  research  group 
says.  Call  centers,  IT  services,  application  service  development,  and  accounting  and 
finance  will  be  among  some  of  the  top  offshore  processes,  the  research  group  said, 
adding  that  India, Argentina  and  Estonia  will  be  destinations  of  choice.  (Read  Columnist 
Mark  Gibbs’  thoughts  on  offshoring,  page  62.) 


with  a  lot  of  questions.  How  long  does  it  take?  Is  voice 
quality  sacrificed?  What  are  the  hidden  costs? 


With  Agilent,  voice  over  IP  is  an  easy  call.  Our  network 
test  and  software  solutions  monitor  performance  and 
troubleshoot  throughout  the  lifecycle.  They  also  help 
determine  the  most  cost-effective  design  to  get  you 
up  and  running.  And  once  you  get  your  network  up, 
we'll  also  help  you  manage  it.  All  this  with  virtually  no 
sacrifice  in  call  quality.  With  Agilent,  the  switch  to 
voice  over  IP  really  pays  off. 

Across  the  field  of  communications,  Agilent  delivers 
a  unique  breadth  of  experience,  from  developing 
components  and  managing  services,  to  testing  the 
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/JIL-based  standard  faces  trust  issue 


Building  trust 

Nationwide  is  organizing  a  group  called  The  Xota 
Consortium,  which  plans  to  develop  XML-based  standards: 

•  To  determine  trustworthiness  in  real  time  between  business  partners. 

•  Continuously  assess  contractual  compliance. 

•  Address  technical  issues  not  covered  in  SAML,  such  as 
time  synchronization. 

•  Deal  with  business  issues  related  to  trust  governance. 


m  BY  ELLEN  MESSMER 

ORLANDO  —  Security  man¬ 
agers  at  last  week’s  InfoSec  Con¬ 
ference  swapped  ideas  about  net¬ 
work  defense  and  raised  sharp 
questions  about  problems  they 
see  with  newer  technologies  such 
as  VoIP  and  Web  services. 

Dan  Houser, security  architect  at 
Nationwide  Insurance  Enter¬ 
prises,  talked  about  Web  services 
and  the  value  of  the  XML-based 
standard  Security  Assertions 
Markup  Language  (SAML)  in 
facilitating  authentication  and 
authorization  across  companies 
to  do  business  through  a  Web  por¬ 
tal.  Houser  said  his  year-long 
experience  in  operating  a  SAML- 


based  portal  has  shown  addition¬ 
al  standards  are  needed  to  tackle 
underlying  problems  in  assuring 
trust.  Nationwide  is  organizing  a 
group  called  the  Xota  Consor¬ 
tium  to  develop  such  standards. 

“There’s  been  a  tremendous 
acceleration  in  e-business  in  the 
last  10  years,  and  the  latest  is 
being  brought  about  by  Web  ser¬ 
vices,”  Houser  said. 

Web  services  and  the  SAML 
standard  let  businesses  connect 
directly  using  cross-company  au¬ 
thentication.  Nationwide  set  up  a 
Web  portal  based  on  RSA  Security 
ClearTrust  software  for  this  SAML- 
based  federated  identity  authenti¬ 
cation  with  three  business  part¬ 
ners.  But  the  technology  has  so  far 


failed  to  address  several  practical 
concerns,  he  noted. 

Federated  identity  gives  users 
single-sign-on  access  to  multiple 
sites,  but  asking  one  organization 
to  trust  the  authentication  provid¬ 
ed  by  others  raises  wide-ranging 
issues,  Houser  said.  These  issues 
include  the  need  to  know  if  and 


how  an  organization  checks  the 
background  of  users,  if  users’  in¬ 
dustry  license  requirements  are 
up  to  date,  and  how  Web  site  ser¬ 
vice-level  agreements  and  time 
synchronization  apply  across 
multiple  sites. 

Lawyers  at  Nationwide  are 
deeply  involved  in  trying  to  pull 


back  on  what  business  managers 
and  IT  staff  want  to  do  with  Web 
services  and  SAML  until  lengthy 
contracts  are  concluded  among 
all  the  partners  in  Web  services. 

“A  business  agreement  must 
define  this, but  business  and  legal 
are  tugging  at  different  directions, 
and  it’s  taking  months  to  work 
through  it,”  said  Houser,  who 
added  that  he  thinks  Nationwide 
was  the  first  business  to  operate  a 
SAML-based  Web  services  portal. 

Nationwide  says  there  are  many 
Web  services  business-trust  issues 
that  would  benefit  from  building 
a  consensus.That’s  the  goal  of  the 
Xota  Consortium,  which  also 
plans  to  develop  XML-based  soft¬ 
ware  to  enforce  Web  services 
trust  arrangements. 

“Trust  policies  are  harder  than 
the  technology’  Houser  added. 

Some  of  the  sharpest  security 
critiques  at  InfoSec  were  aimed  at 
VoIP  equipment  based  on  Ses¬ 
sion  Initiation  Protocol  (SIP). 

“The  threat  is  that  there  is  a  lack 
of  authentication  on  the  phone,” 
said  Guy  Hadsall,  senior  consul¬ 
tant  in  the  security  and  fraud  divi¬ 
sion  of  Telcordia  Technologies. 
“The  SIP  phones  —  Nortel  and 
Cisco  in  particular  —  have  had 
issues  with  end-user  authentica¬ 
tion  and  ways  to  hack  them.” 

“Phreakers  [those  who  target 
entry  through  phone  systems] 
and  hackers  have  united  globally 
over  the  last  few  years,  and  they’re 
still  after  your  voice-mail  system,” 
Hadsall  said. 

He  said  every  Telcordia  evalua¬ 
tion  of  VoIP  gateways  and  switch 
equipment  showed  that  resellers 
are  shipping  VoIP  equipment  with 
default  passwords  turned  on, 
which  makes  it  easy  for  hackers 
to  break  in. 

Hadsall  also  pointed  out  that 
the  type  of  IP  attacks  seen  on  the 
Internet  today,  including  worms 
and  denial-of-service  (DoS)  at¬ 
tacks,  can  be  expected  to  be  a 
problem  in  VoIP  networks. 
Launching  a  DoS  attack  against 
VoIP  phones  and  gateway  con¬ 
trollers  is  “child’s  playf  he  said. 

Although  VoIP  products  are  get¬ 
ting  better,  interoperability  chal¬ 
lenges  remain  in  getting  VoIP 
phone  components  to  work 
across  vendor  product  lines,  he 
added.  The  global  standards 
group  International  Telecom¬ 
munication  Union  has  a  draft  rec¬ 
ommendation  out,  X.805,  that 
defines  the  basic  security  chal¬ 
lenges  and  recommends  policies, 
incident  response  and  recovery  ■ 


Time  to  enlist  a  ‘national  guard’  for  IT? 


■  BY  TIM  GREENE 

NORTHFIELD,VT.  —  The  U.S.  is  unprepared  to  recover  quickly  from  a 
major  cyberterrorism  attack  and  might  require  government  interven¬ 
tion  to  organize  IT  professionals, according  to  military  emergency  man¬ 
agement  officials  at  a  security  conference. 

Authority  from  the  president  and  Congress  should  be  conferred  on  a 
single  person  to  cull  government  resources  to  respond  to  such  attacks, 
but  that  will  not  be  enough,  according  to  retired  Army  National  Guard 
Maj.  Gen.  Jack  D’ Araujo,  a  former  assistant  director  of  the  Federal 
Emergency  Management  Agency  who  spoke  last  week  at  the 
e-ProtectIT  conference  at  Norwich  University 

D’ Araujo  said  that  in  cyberwar  games  last  fall  called 
Livewire,  participating  businesses  seemed  reluctant  to 
give  up  information  to  federal  officials  about  their  net¬ 
works  and  what  data  travels  on  them.  In  an  actual 
cyberattack,  there  is  no  set  official  chain  of  command 
for  dealing  with  recovering  from  the  attack,  he  said. 

A  cyber  national  guard  might  be  needed,  he  said,  to 
react  as  the  military  National  Guard  reacts  to  natural 
disasters.  The  need  is  urgent  because  the  extent  and 
target  of  possible  attacks  cannot  be  known.“We’re  real¬ 
ly  plowing  some  new  ground,”  he  said.  “We  flat-out 
aren’t  prepared  to  deal  with  it.” 

The  upside  is  that  within  the  IT  community  people 
have  knowledge  about  what  do  to  in  a  cyberattack, 
said  Patrick  Gallagher,  former  director  of  the  federal 
government’s  National  Computer  Security  Center.  “If 
we  have  problems  today,  we  have  network  groups  who 
can  and  do  talk  to  each  other  and  speak  a  similar  lan¬ 
guage  and  have  the  same  training,”  he  said. “What  we 
need  is  the  leadership  to  pull  that  together” 

Recovering  quickly  is  important,  but  because  there 
has  never  been  a  cyberdisaster,  it’s  difficult  to  know 
what  will  be  needed  and  how  quickly  damage  can  be 
repaired, said  Pierce  Reid,  an  Internet  warfare  special¬ 
ist  and  vice  president  of  marketing  for  VoIP  vendor 
Qovia.“What  will  it  take  for  a  national  reboot?  A  lot  of 
these  systems  have  never  been  taken  offline,”  Reid 
said. 

These  comments  came  a  week  after  the  IT  industry 
Cyber  Security  Early  Warning  Task  Force  issued  a 
report  calling  for  an  early-warning  network  and  a 
national  crisis  coordination  center  run  by  CERT  (see 
graphic,  right). The  purpose  would  be  to  gather  attack 


information  and  issue  appropriate  warnings  to  the  right  people. 
Representatives  from  BellSouth,  Computer  Associates,  Intel,  Internet 
Security  Systems,  Microsoft,  SAIC,  Symantec  and  other  corporations 
participate  in  the  task  force. The  group  plans  to  issue  a  report  on  pub¬ 
lic  responses  to  its  proposals  in  June. 

Currently,  informal  information-sharing  systems  exist  for  business, gov¬ 
ernment  and  military  agencies  to  deal  with  cyberattacks,  but  they  lack 
official  powers  to  make  responses  more  efficient  and  focused,  D’ Araujo 
said.These  systems  are  built  on  personal  contacts  and  cooperation, but 
not  on  a  system, and  he  said  that  is  a  weakness.“When  someone  knocks 
you  on  your  ass  in  a  cyberwar,  you’d  better  have  something  more  than 
Fred-knows-Joe  on  the  golf  course  to  rely  on,”  he  said. 

Livewire  exercises  organized  by  the  Department  of 
Homeland  Security  called  for  early  warning  centers 
to  be  run  cooperatively  by  banks,  water  and  electric 
utilities,  and  technology  companies,  but  information 
was  shared  reluctantly  or  not  at  all  in  many  cases. 

Attacks  on  data  and  voice  networks  need  not  bring 
down  business,  utility  and  government  networks  for 
long  to  do  a  lot  of  damage,  said  Phil  Sussman, 
Norwich’s  CIO  who  ran  a  seminar  on  network  securi¬ 
ty  If  such  attacks  affect  91 1  emergency  phone  systems, 
hospitals  and  emergency  dispatch  centers,  public 
confidence  in  the  government  to  protect  it  will  be 
undermined,  he  said. “It  will  shake  confidence  in  the 
network  itself  with  a  series  of  things  people  expected 
but  are  no  longer  there,”  Sussman  said. 

“Public  trust  and  confidence  is  one  of  [attackers’] 
objectives,”  D’Araujo  said.  When  planes  hit  the  World 
Trade  Center,  its  psychological  damage  was  devas¬ 
tating,  he  said.  “Public  trust  and  confidence  in  the 
government  to  keep  them  safe  in  airplanes  was 
shot,”  he  said. 

U.S.  IT  professionals  need  to  look  at  their  operations 
as  attackers  do  to  be  better  prepared,  said  retired  U.S. 
Marine  Gen.Commendant  Alfred  Gray“We’ve  got  to  get 
street-wise.  We’ve  got  to  look  for  what  people  do  when 
they  have  less  capability  than  you  do  —  they  look  for 
the  seams,  they  look  for  the  cracks,”  he  said. 

Reid  said  recent  virus  attacks  can  be  seen  as  pre¬ 
liminary  probes  to  a  major  assault,  just  as  there  were 
terror  bombings  over  a  period  of  years  that  led  up  to 
Sept.  1 1  .“What  we’re  seeing  is  the  embassy  bombings, 
the  attack  on  the  USS  Cole  —  all  the  pin  pricks  that 
lead  up  to  the  main  event,”  he  said.B 


Ready  to  fight 

An  IT  industry  group 
called  the  National  Early 
Warning  Task  Force 
recommends  these  steps 
in  preparation  to  fight 
cyberterrorism: 

•  Create  an  early-warning 
network  —  based  on 
CERT — to  detect  attacks. 

•  Broaden  the  sharing  of 
information  on  attacks. 

•  Draw  in  IT  represent¬ 
atives  from  14  critical 
areas  identified  by  the 
Department  of  Homeland 
Security. 

•  Set  up  a  National  Crisis 
Coordination  Center  to 
bridge  barriers  between 
groups. 

•  Prepare,  execute  and 
evaluate  plans  for  dealing 
with  cyberattacks. 

•  Identify  and  shore  up 
vulnerabilities  to  national 
infrastructure. 
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Estrin  back  with 
Ethernet  start-up 

m  BY  JENNIFER  MEARS 

Precision  I/O, spun  off  from  Internet  infrastructure  firm  Packet  Design 
last  year, says  it  will  begin  shipping  software  in  the  next  few  months  that 
will  let  businesses  give  networked  servers  a  boost  without  complicat¬ 
ing  existing  Ethernet  architectures. 

The  start-up, which  recently  completed  a  $10  million  first  round  of  ven¬ 
ture  funding, says  it  has  the  answer  for  companies  looking  to  boost  dis¬ 
tributed  application  performance  but  reluctant  to  deploy  new  network 
technologies.  Former  Cisco  CTO  Judy  Estrin  is  acting  CEO  of  the  firm. 

Increasingly  businesses  are  looking  at  deploying  blade  servers,  grids 
and  server  clusters  to  tie  multiple  low-end  boxes  into  one  pool  of 
resources  that  can  grow  and  shrink  according  to  application  demands. 
The  trouble  is  that  as  network  speeds  increase  and  there’s  more  com¬ 
munication  among  servers,  slowdowns  can  occur  as  server  CPUs  try  to 
keep  up  with  processing  the  packets  moving  in  and  out  of  the  boxes. 
Technologies  such  as  Remote  Direct  Memory  Access,  which  lets 

Serial  entrepreneur 

Precision  I/O  CEO  Judy  Estrin  and  her 
husband,  Bill  Carrico,  have  been  behind 
a  slew  of  network  vendors. 

1981  Launched  internetwork  router  and  bridge 
company  Bridge  Communications,  which 
3Com  buys  in  1987  for  more  than  $240  million. 

1988  Started  Network  Computing  Devices, 
a  maker  of  X  terminals  and  PC-Unix  inte¬ 
gration  software  that  goes  public  in  1992. 

1995  Founded  streaming  video  firm  Precept  Software,  which  Cisco 
buys  in  1998  for  about  $84  million. 

1998-2000  Estrin  served  as  Cisco’s  CTO. 

2000  Launched  Packet  Design,  to  develop  technologies  to  enhance 
Internet  infrastructure.  Spun  out  Vernier  Networks  in  March  2001  to 
focus  on  securing  and  managing  wireless  networks,  Packet  Design 
in  2003  to  boost  IP  routing,  and  Precision  I/O  in  2003  to  eliminate  I/O 
bottlenecks  in  Ethernet. 


servers  place  information  directly  into  the  memory  of  other  servers, 
and  TCP  offload  engines  have  emerged  to  address  this  problem.  In 
addition,  new  interconnect  technologies  such  as  high-speed  I/O 
switching  fabric  InfiniBand  provide  alternatives  to  proprietary  inter¬ 
connects  such  as  Quadrix  and  Myrinet. 

The  problem  is  that  these  technologies  place  undue  cost  or  com¬ 
plexity  on  data  center  operators,  Estrin  says.  InfiniBand,  for  example, 
requires  new  network  protocols  and  management.  As  a  result,  compa¬ 
nies  have  been  slow  to  adopt  the  technology 

Precision  I/O’s  technology  is  inserted  between  an  application  and  a 
network  interface  to  relieve  operating  systems  of  I/O  chores,  letting  the 
server  focus  on  more  important  tasks  associated  with  application  pro¬ 
cessing,  Estrin  says. 

“It’s  100%  Ethernet-based  so  there  are  no  newstandards.no  new  pro¬ 
tocols,  no  new  networking  fabric,” she  says,  claiming  that  the  initial  soft¬ 
ware  product,  aimed  at  1G  bit/sec  Ethernet  applications,  will  boost 
transaction  throughput  two  to  seven  times  and  result  in  one-third  the 
latency  of  existing  Ethernet  deployments. 

The  software  eventually  will  run  on  Unix,  Linux  and  Windows,  though 
Estrin  wouldn’t  say  when  each  operating  system  would  be  supported. 
Precision  I/O  also  plans  to  release  an  appliance  aimed  at  supporting 
wire-rate  processing  of  10G  bit/sec. 

Vernon  Turner,  group  vice  president  of  global  enterprise  server  solu¬ 
tions  at  IDC.says  Precision  I/O’s  technology  makes  sense.“The  simplic¬ 
ity  of  the  technology  gives  it  a  certain  attraction. ...  If  you  can  convince 
IT  executives  that  there's  not  a  lot  to  do  in  terms  of  implementation  and 
you  get  a  bigger  bang  for  your  buck,  then  that’s  good,”  he  says.  ■ 


Carriers  gussy  up  VoIP 

Users  anticipate  voice  services  for  teleworkers. 


■  BY  DENISE  PAPPALARDO 

AT&T  last  week  announced  its 
VoIP  plans  for  the  year,  saying  it 
will  integrate  VoIP  into  all  its  data 
services,  roll  out  new  voice 
applications  and  offer  VoIP 
services  throughout  its  local 
markets. 

The  company  is  among  a 
handful  of  carriers  developing 
their  VoIP  offerings.  BellSouth, 
Global  Crossing  MCI,  Savvis 
Communications  and  Sprint  also 
are  readying  offerings. 

“We  are  accelerating  our  VoIP 
plans  based  on  what  we’re  learn¬ 
ing  from  our  customers  and 
what  they’re  asking  us  for,”  says 
AT&T’s  Pat  Traynor,  vice  president 
of  network  integration. 

That  acceleration  covers  three 
dimensions:  VoIP  networking, 
application  development  and 
equipment  interoperability,  she 
says. 

Traynor  says  all  AT&T’s  data 
services  will  support  VoIP  by 
year-end.  And  she  says  AT&T  in 
May  will  roll  out  its  Enhanced 
VPN  service,  which  is  a  fully 
managed  Multi-protocol-Label- 
Switching-based  VPN  that  sup¬ 
ports  voice  and  data.  The  carri¬ 
er  also  will  support  VoIP  over  its 
IP  Enabled  Frame  Relay  ser¬ 
vice,  standard  ATM  and  frame 
relay  offerings. 

Ryla  Teleservices  has  used 
AT&T’s  Managed  Internet  Ser¬ 
vice  with  VoIP  support  for  two 
years  and  wouldn’t  consider 
switching. 

“We’re  saving  30%  compared 
to  traditional  telephony  ser¬ 
vices,”  says  Robb  Duke,  director 
of  marketing  at  the  contact 
management  outsourcing  com¬ 
pany  in  Woodstock,  Ga.  The 
company  doesn’t  have  to 
pay  for  usage,  and  the  pre¬ 
dictable  costs  make  for  easier 
budgeting. 

The  company  has  13T-1  access 
circuits  at  its  headquarters.  It 
divides  which  channels  support 
voice  or  data  and  it  has  worked 
flawlessly,  he  says. 

Ryla  also  is  keeping  an  eye  on 
telework  VoIP  services  AT&T  is 
developing.  These  include  net¬ 
work-based  VoIP  services  that 
will  extend  the  same  features 
and  functionality  as  headquar¬ 
ters,  such  as  four-digit  dialing, 
conferencing  and  voice  mail,  to 
small-office  or  home-office 
users. 

The  service  is  called  Indepen¬ 


dent  Teleworker  and  is  sched¬ 
uled  to  launch  midyear.  Traynor 
says  it  will  let  employees  use 
their  DSL  or  cable  modem 
Internet  connections  to  support 
voice. 

“Teleworking  is  part  of  our 
business  plan,”  Duke  says. 
Although  Ryla  doesn’t  know 


exactly  when  it  will  support  tele¬ 
workers,  the  company  knows  it 
wants  to  be  able  to  extend  the 
same  VoIP  capabilities  it  enjoys 
at  headquarters,  he  says. 

AT&T  also  is  planning  to  roll 
out  IP  Centrex  and  VoIP  services 
throughout  its  local  markets  this 
year. 

MCI  and  others 

Competitors  are  just  as  bullish 
about  VoIP  MCI  will  launch  a 
VoIP  over  DSL  service  in  April, 
says  Sharon  Kasimow,  director  of 
MCI  Advantage.  The  service  will 
require  a  device  at  the  customer 
site  that  acts  as  a  router  and  VoIP 
gateway 

The  company  has  offered  VoIP 
services  over  its  local  networks 
for  the  past  two  years  and  an¬ 
nounced  in  February  that  it’s 
teaming  with  Broadsoft  to  intro¬ 
duce  an  IP  Centrex  service,  but 
Kasimow  would  not  offer  a  firm 
availability  date. 

MCI  also  has  started  upgrading 
its  data  offerings  to  support  VoIP 


The  carrier  rolled  out  its  MCI 
Advantage  over  Private  IP  this 
month. 

In  other  VoIP  carrier  news: 

•  Sprint,  the  third-largest 
interexchange  carrier,  says  it 
plans  to  introduce  similar  VoIP 
services  over  its  SprintLink 
Frame  Relay  service  later  this 


year. 

•  BellSouth  plans  to  an¬ 
nounce  a  new  VoIP  service  as 
early  as  next  week,  and  more 
specifics  about  future  VoIP 
plans.  A  company  spokesman 
declined  to  provide  details  but 
analysts  say  it  could  be  a  hosted 
VoIP  service  that  BellSouth  last 
fall  hinted  would  be  coming  this 
year  (see  www.nwfusion.com, 
DocFinder:  1339). 

•  International  service  pro¬ 
vider  Global  Crossing  is  slated  to 
announce  a  VoIP  service  next 
week  at  the  VON  show.  This  ser¬ 
vice  will  be  the  carrier’s  first  VoIP 
offering  for  enterprise  users.The 
company  has  only  offered 
wholesale  VoIP  services  to  other 
service  providers. 

•  IP  VPN  service  provider  Sav¬ 
vis  is  set  to  launch  a  new  VoIP 
service  in  two  weeks,  but  few 
details  were  available  at  press 
time. 

* 

Managing  Editor  Jim  Duffy  con¬ 
tributed  to  this  story. 


Log  on  today  td  participate  in  an  online  debate 
featuring  six  wireless  LAN  vendors. 

We’ve  challenged  Airespace,  Aruba,  Chantry,  Extreme,  Symbol 
andTrapeze  to  duke  it  out  in  a  weeklong  online  debate, 
discussing  everything  from  technical  product  differences  to 
industry  clout  and  longevity. 

Today  we  post  the  first  round  of  vendor  answers  to  questions 
from  Network  World  Senior  Editor  John  Cox  and  Craig  Mathias, 
principal  of  Farpoint  Group.Tuesday  and  Wednesday  the  vendors 
will  get  the  chance  to  question  each  other,  andThursday  and 
Friday  we  throw  the  doors  open  for  questions  from  you. 

Join  the  action  at  www.nwfusion.com,  DocFinder  1340. 


AT&T's  vice  president  of  network  integra¬ 
tion  says  all  of  the  company’s  data 
services  will  support  VoIP  by  yearend. 


COMPANIES  THAT  WERE 
JUST  IDEAS  YESTERDAY 
RUN  SAP 


What  it  you’re  onto  something  big,  but  aren’t  big  yet?  Start  with  SAP’  solutions  for  small  and  midsize  companies.  Solutions  designed  to  fit 
any  size  business  —  and  any  size  budget.  And  because  they’re  built  with  expansion  in  mind,  they  won’t  just  help  you  grow,  they  will  grow 
with  you.  Visit  sap.com/ideas  or  call  800  880  1727,  because  we  have  a  few  big  ideas  of  our  own. 
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B23  standard  targets  integration 

Proposal  to  tackle  lack  of  consistency  among  electronic  business  document  formats. 


■  BY  ANN  BEDNARZ 

A  standards  effort  that  aims  to 
do  for  business-to-business  docu¬ 
ments  what  the  Dewey  Decimal 
System  does  for  library  collec¬ 
tions  is  gaining  momentum. 

The  proposed  standard  is 
called  Universal  Data  Element 
Framework  (UDEF).  Its  charter  is 
to  simplify  messaging  among 
partners,  suppliers  and  cus¬ 
tomers,  and  reduce  the  work 
required  to  build  interfaces 
between  systems. 

The  developers  behind  UDEF 
are  trying  to  spread  the  word 
and  attract  standards  bodies  and 
users  to  their  way  of  thinking. 
Although  winning  support  for  a 
new  standard  is  never  easy, 
UDEF  has  the  backing  of  key 
standards  players  within  Lock¬ 
heed  Martin  and  General 
Motors. 

The  problem  UDEF  is  trying  to 
solve  is  the  lack  of  consistency 
among  different  electronic  busi¬ 
ness  document  formats.  Today 


there  is  no  common  way  to  iden¬ 
tify  the  “semantic  equivalency”  of 
data  elements  contained  in  the 
various  XML  standards  and  back- 
office  systems  that  communicate 
with  each  other,  says  John  Har¬ 
din,  chief  architect  for  ebXML 
at  GM. 

For  example,  documents  that 
adhere  to  standards  such  as 
Open  Applications  Group  (OAG), 
CIDX  for  the  chemical  industry, 
Electronic  Data  Interchange  and 
RosettaNet  —  as  well  as  docu¬ 
ment  formats  supported  by  ven¬ 
dors  such  as  Oracle,  PeopleSoft 
and  SAP  —  might  all  contain  the 
same  data  elements,  but  those 
elements  are  named  differently 
Hardin  says. 

“The  same  data  element  con¬ 
cept,  such  as  ‘purchase  order 
document  date,’  has  a  different 
name  in  every  single  one  of 
these  formats,”  Hardin  says.  “So 
users  have  to  create  mapping 
code  to  bridge  the  gap  and  to 
match  up  these  differently 
named  but  exactly  alike  data  ele¬ 


ment  concepts.” 

Relying  on  a  person  to  match 
the  data  element  concepts  in 
each  format  and  create  transla¬ 
tions  for  every  systems  connec¬ 
tion  is  unsustainable. “When  you 
think  about  Web  services,  you 
think  about  messages  and  trans¬ 
actions  flying  across  the  Web  in 
an  automated  wajf  Hardin  says. 
“We  can’t  have  a  human  in  the 
middle  of  that  process  and  get 
anything  done  with  any  speed.” 

Industry  experts  acknowledge 
the  problem. 

“If  1  structure  my  purchase 
order  one  way  and  you  structure 
your  purchase  order  a  totally  dif¬ 
ferent  way  even  if  we  use  the 
same  terminology,  a  computer  is 
not  going  to  know  that  it’s  the 
same  thing,” says  Ron  Schmelzer, 
a  senior  analyst  at  research  firm 
ZapThink. 

UDEF  is  aimed  at  addressing 
this  translation  gap  with  a  rules- 
based  naming  convention. 

Like  the  Dewey  library-classifi¬ 
cation  system,  UDEF  assigns 
alphanumeric  tags.  The  intent  is 
to  provide  a  mechanism  for  cre¬ 
ating  alphanumeric  UDEF  IDs  for 
each  data  element  in  an  elec¬ 
tronic  document.  In  a  business- 
to-business  transaction,  if  UDEF 
IDs  are  embedded  in  the  docu¬ 
ments  from  both  parties,  then  the 
task  of  transforming  a  message 
into  another  format  can  be  han¬ 
dled  automatically 

For  large  organizations  that 
deal  with  hundreds  or  thou¬ 
sands  of  suppliers,  UDEF  is  in¬ 
tended  to  allow  all  involved  par¬ 
ties  to  use  systems  that  best  fit 
their  specific  needs  and  at  the 
same  time  enable  communica¬ 
tion  with  business  partners,  says 
Mark  Gibbs,  consultant  and  Net¬ 
work  World  columnist.  Whereas 
most  XML  translations  are  simply 
one-to-one  solutions  that  lack 
robustness,  UDEF  could  enable 
one-to-any  translations. 

“The  need  for  UDEF  is  massive 
and  inescapable,  and  the  bigger 
the  enterprise,  the  greater  the 
need ’’Gibbs  says. 

While  the  mission  of  UDEF  is 
clear,  its  implementation  is  a 
challenge. 

Hardin  and  company  have 
been  working  to  gain  the  sup¬ 
port  of  major  standards  bodies, 
international  government  agen¬ 
cies  and  software  vendors. 
The  group  plans  to  submit  the 
UDEF  proposal  to  the  World 
Wide  Web  Consortium  for  stan¬ 


dards  consideration. 

So  far  UDEF  has  locked  up  sup¬ 
port  from  the  aerospace  indus¬ 
try,  where  the  effort  originated. 
UDEF  was  conceived  15  years 
ago  by  Ron  Schuldt.a  senior  staff 
systems  architect  at  Lockheed 
Martin  and  co-lead  —  with  Har¬ 
din  —  of  a  working  group  within 
the  Aerospace  Industry  Assoc¬ 
iation  (AIA)  responsible  for 
defining  e-business  data  stan¬ 
dards.  (AIA  is  one  of  the  intellec¬ 
tual  property  owners  of  UDEF) 

Despite  having  the  support  of 
big,  influential  companies  like 
Lockheed  Martin  and  General 
Motors,  it  won’t  be  easy  to  widen 
UDEF  beyond  industries  that 
revolve  around  government  and 
government  contractors,  Zap- 
Think’s  Schmelzer  says. 

Additionally,  the  chore  of  main¬ 
taining  a  central  UDEF  registry 
for  managing  data  element  iden¬ 
tifiers  will  be  significant,  he  says. 

To  that  end,  UDEF  backers  ex¬ 
pect  in  the  near  future  to  an¬ 
nounce  that  a  standards  body  will 
take  over  responsibility  for  host¬ 
ing  a  global  online  UDEF  registry 

UDEF  isn’t  expected  to  wipe  out 
the  need  for  enterprise  applica¬ 
tion  integration  (EA1)  software  or 
existing  e-business  standards.“We 
will  still  need  EAI  vendors,  and 
we  will  still  need  business  docu¬ 
ment  formats  such  as  OAG  and 
SAP  IDocs,  but  this  will  make  it 
easier  to  translate  between  the 
two,”  he  says.“Hopefully  when  we 
get  enough  of  these  business  doc¬ 
ument  formats  embedded  with 
UDEF  IDs,  we  can  approach 
something  that  might  look  like 
automated  integration.”  ■ 


\  I  / 


■  THIS  WEEK’S  QUESTION: 

Under  which  president 
did  new  MCI  Chairman 
Nicholas  Katzenbach 
serve  as  U.S.  Attorney 
General? 


Stumped?  Get  the  answer  online. 

Visit  Network  World  Fusion  and  enter 
????  in  the  Search  box. 

www.nwfusion.com 


ICANN  mulls  domain 
name  extensions 

■  BY  CAROLYN  DUFFY  MARSAN 

The  Internet  Corporation  for  Assigned  Names  and  Numbers  is  con¬ 
sidering  10  wide-ranging  proposals  for  new  domain  name  extensions 
that  would  be  restricted  to  particular  industries  or  groups. 

The  proposals  for  specialized  top-level  domains  were  submitted 
earlier  this  month.  ICANN  is  expected  to  announce  its  selections  later 
this  year. 

Among  the  proposed  name  extensions  that  could  appeal  to  U.S. 
corporations  are: 

•  .jobs,  a  domain  for  companies  to  post  job  listings  and  other 
human  resources-related  information,  which  was  proposed  by  The 
Society  for  Human  Resource  Management. 

•  .travel,  a  domain  for  the  global  travel  industry  that  was  proposed 
byTralliance.a  directory  provider  to  the  tourism  industry 

•  .mail,  a  proposal  from  Spamhaus  to  create  a  spam-free  domain 
system  for  corporations  and  individuals. 

•  .mobi.a  domain  proposed  by  Nokia, Vodafone  and  Microsoft  that 
would  feature  content  and  services  optimized  for  mobile  devices. 

•  .tel,  which  would  provide  a  way  for  companies  to  register  their 
telephone  numbers  as  domain  names. 

In  other  bids,  the  international  postal  community  has  proposed 
.post,  an  extension  that  would  be  used  to  register  postal  services  and 
post  offices  using  the  same  abbreviations  already  used  by  the  postal 
industry. The  cultural  community  surrounding  the  Catalan  language 
proposed  its  own  registry,  which  would  be  dubbed  .cat.  Also  a 
Canadian  group  has  proposed  .xxx  for  pornographic  content. 

An  independent  panel  will  review  the  proposals  beginning  in  May 

ICANN  currently  authorizes  three  specialized  top-level  domains: 
.aero  for  the  aviation  industry,  .coop  for  cooperative  businesses  and 
.museum  for  museums.  ■ 
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Double  your  productivity  with  Scan2  technology. 


❖  The  best  way  to  stay  ahead  is  to  double  your 
productivity.  Introducing  Scan2  technology 
Can2  from  Sharp.  Sharp's  Digital  Imagers  with  Scan2 
tchnology  are  designed  to  scan  two-sided  documents  in 
aingle  pass. 

Now  your  training  manuals  and  white  papers  ca''  be 
senned,  copied,  emailed  and  digitally  distributed  quicker 
thn  ever  before. 


In  fa  a,  it's  115%  faster  than  any  other  product  in  its 
class.  Not  only  is  it  like  having  double  the  help,  it  will  also 
allow  you  to  accomplish  more  tasks,  in  dramatically  less  time. 
Together  with  Sharp's  integrated  network  management 
software  and  security  features,  your  digital  information  is 
se*e  and  workflow  is  fully  optimized. 

Visit  sharpusa.com/scan2  or  call  1-800-BE-SHARP  for 
more  information. 


The  AR-M550,  AR-M620  and  AR-M700: 

.  Operate  at  55, 62  and  70  pages-per-minute 
.  Fully  integrated  network  ready1  digital  copier  printers 
.  Include  network  management  software  and  document 
filing  capability 
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SBC  goes  nationwide  with  VPN  service 

Carrier  seeks  to  get  IXC  trame  customers  to  switch. 


A  long  way  to  go 

IP  VPN  services  are  on  the  rise,  although  the  installed 
base  is  projected  to  pale  next  to  that  of  frame  relay  for 
the  foreseeable  future. 


Dedicated  IP  VPN  sites;  includes 
network-based,  IP-enabled  frame  and 
site-to-site. 

1,800,000 
1,600,000 
1,400,000 
1,200,000 
1,000,000 
800,000 
600,000 
400,000 

200,000 - 100,000  345,000 

2002  2007 

'Compound  annual  (Projected) 

growth  rate. 


Frame  relay  sites 
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SOURCE:  VERTICAL  SYSTEMS  GROUP  EMERGING  NETWORKS  SERVICE 


m  BY  JIM  DUFFY 

SBC  last  week  unveiled 
a  nationwide  hosted  VPN  ser¬ 
vice  it  claims  will  lower  the 
cost  of  wide-area  networking 
for  businesses. 

The  carriers  PremierSERV  Net¬ 
work-Based  VPN  uses  SBC’s  pri¬ 
vate,  Multi-protocol  Label  Switch¬ 
ing  (MPLS)-enabled  OC-192  IP 
backbone  for  transporting  data. 
Because  it  is  a  hosted  service 
and  doesn’t  require  equipment 
at  the  customers  location,  the 
offering  eliminates  the  need  for 
upfront  capital  investments  and 
continual  equipment  upgrades. 

SBC  already  offers  a  customer 
premises  equipment  (CPE)- 
based  VPN  service  that  supports 
IPSec  tunnels. 

MPLS  lets  the  service  support 
existing  access  connections, 
such  as  dial-up,  dedicated,  DSL, 
Ethernet,  optical,  frame  relay, 
ATM  and  Wi-Fi,  or  CPE-based 
VPNs  that  use  IPSec  or  Triple- 
DES.  SBC  also  says  its  new  offer¬ 


ing,  a  Layer  3  service  based  on 
RFC  2547bis,  can  provide  the 
same  levels  of  security  and  ser¬ 
vice  reliability  as  point-to-point 
techniques  because  traffic  is  car¬ 
ried  over  the  carriers  private 
backbone  instead  of  the 
Internet. 

As  such,  PremierSERV  is  a  key 
element  of  SBC’s  national  data 
services  offerings  and  strategy  to 
attract  more  large  business  cus¬ 
tomers,  especially  those  that 
now  use  frame  relay  services 
from  interexchange  carriers, 
says  Brett  Theiss,  SBC  director  of 
IP  services. 

SBC  and  other  RBOCs  recently 
divulged  plans  to  aggressively 
court  large  businesses  after  the 
carriers  gained  approval  to  offer 
long-distance  services  in  and  out 
of  their  regions  (www.nwfusion. 
com,  DocFinder:  1343).  For  the 
most  part,  they  are  targeting  the 
installed  base  of  frame  relay  cus¬ 
tomers  of  AT&T,  MCI  and  Sprint. 

AT&T  and  MCI  have  offered 
MPLS-enabled  VPN  services  for  a 


few  years.  Sprint  only  recently 
embraced  MPLS  (DocFinder: 
1342).  Qwest  has  operated  a 
national,  MPLS-enabled  IP  core 
for  at  least  three  years. 

Analysts  caution  that  the 


“access  agnostic”  nature  of 
SBC’s  Network-Based  VPN  is  via 
gateways,  whereas  transport  of 
frame,  ATM  and  other  Layer  2 
data  services  in  competitive 
MPLS  VPN  networks  is  over 


a  mesh  of  permanent  virtual 
circuits. 

“A  couple  gateways  into  SBC’s 
ATM  and  frame  relay  networks 
isn’t  the  same  thing  as  a  fully 
meshed  network  architecture 
featuring  converged  services,” 
states  Brian  Washburn,  a  senior 
analyst  at  Current  Analysis.  “It’s 
not  nearly  as  developed  on  the 
network  convergence  front  as 
those  of  some  of  its  competitors.” 

Theiss  says  SBC’s  CPE-  and 
Network-Based  VPN  services 
both  support  voice.  The  newer 
service  supports  one  class  of 
service  now  for  voice  and  video 
but  by  September  it  will  offer 
four,  he  says. 

Sample  pricing  for  the 
Network-Based  VPN  service  is 
$765  per  month  for  a  T-l  with 
100%  committed  information 
rate,  and  $80  per  month  for  a 
business  DSL  access  line  with  a 
service-level  agreement  that 
supports  768K  bit/sec  down¬ 
stream  and  128K  bit/sec  up¬ 
stream  rates.  ■ 


NETWORK  WORLD  S  DATA  CENTER 
TECHNOLOGY  TOUR 

BACKSTAGE 

WFTHJ0HNNA  TILL  JOHNSON 

Network  World  this  week  launches  its  second 
Technology  Tour  on  the  topic,  Masterminding  the 
New  Data  Center.  Johna  Till  Johnson,  founder  and 
chief  research  officer  at  Nemertes  Research  and  a 
Network  World  columnist,  demonstrates  in  her 
keynote  address  how  the  concept  of  the  new  data 
center  is  taking  off  in  the  IT  community  and  shares 
the  best  practices  IT  managers  are  adopting.  She 
recently  discussed  her  thoughts  on  why  the  data  cen¬ 
ter  is  evolving  so  dramatically  with  Events  Editor 
Sandra  Gittlen. 

There's  a  lot  of  confusion  about  what  exactly  is  meant  by  the 
new  data  center.  Perhaps  understanding  the  shortcomings  of 
the  old  model  would  help  make  clear  the  need  for  a  new  one. 

When  the  economy  came  to  a  screeching  halt,  compa¬ 
nies  took  a  long  hard  look  at  what  resources  they  had  [in 
the  data  center], where  those  resources  were  deployed 
and  what  they  were  really  costing.  And  they  recognized  a 
few  things. 

The  average  server  and  storage  utilization  ran  around 
10%  to  25%  —  they  had  four  to  10  times  as  much  hard¬ 
ware  as  they  actually  needed.  Storage  requirements  had 
been  decoupled  from  server  requirements  —  you  no 
longer  had  to  buy  a  server  every  time  you  needed  more 
storage.  And  network  gear  —  switches  and  routers  — 
was  taking  up  a  much  greater  percentage  of  the  data 


center  footprint  than  before. 

Companies  also  realized  that  while  the  overall  trend 
had  been  toward  putting  computers  closer  to  users,  the 
advent  of  networking  and  IP  meant  that  was  no  longer  a 
requirement.  Most  employees  are  no  longer  at  the  corpo¬ 
rate  headquarters  because  they  no  longer  have  to  be 
(87%  of  folks  are  at  remote  sites,  according  to  Nemertes 
Research, and  the  trend’s  increasing). 

And  finally  the  people  with  the  skills  and  knowledge  to 
administer  the  corporate  data  center  are  often  no  longer 
the  ‘mainframe  guys,’  but  folks  with  a  background  in  net¬ 
working,  servers,  storage  or  some  other  area  of  technol- 
ogyA  lot  of  the  existing  equipment  wasn’t  standardized 
and  therefore  was  more  expensive  to  maintain. 

So  what  is  the  upshot  for  the  ‘new  data  center? 

Data  centers  now  can  be  located  somewhere  with  low 
real  estate  costs  and  high  reliability  They  include  a  mas¬ 
sive  amount  of  networking,  storage  and  voice  communi¬ 
cations  gear  as  well  as  computers.To  reduce  overall  cost 
of  ownership,  IT  executives  are  increasingly  relying  far 
more  heavily  on  standardized  architectures  (blade 
servers,  clusters). 

Data  centers  now  emphasize  highly  redundant/reli¬ 
able  architectures.  In  the  old  days,  tripping  over  a  cable 
might  have  taken  down  an  office.  Now  tripping  over  a 
cable  could  take  down  the  entire  Asia-Pacific  region. 
Todays  data  center  designs  increasingly  involve  auto¬ 
mated  management  and  application  provisioning  (you 
want  to  increase  the  utilization  of  resources  while 
reducing  the  number  of  humans  administering  said 
resources). They  feature  technologies  that  lower  opera¬ 
tional  costs  and  increase  utilization,  like  virtualization 
and  grid  computing.  And  they  are  operated  and  man¬ 
aged  by  IT  executives  who  are  not  necessarily  main¬ 
frame/applications  specialists. 


What  has  your  research  shown  about  this  shift?  Are  IT  man¬ 
agers  grasping  what  needs  to  be  done?  Or  are  tight  budgets 
and  lean  staffing  standing  in  the  way? 

By  and  large,  IT  execs ‘get  it.’ Tight  budgets  and  lean 
staffing  are  part  of  the  reason  for  consolidation,  not  a  bar¬ 
rier  to  it.  And  virtualization,  grid  computing  and  utility/on- 
demand  computing  aren’t  cool  new  ways  to  jazz  up  your 
infrastructure  —  they’re  practical  approaches  to  reducing 
operational  costs  and  improving  performance. 

What  are  the  top  five  things  an  IT  manager  should  do  to  make 
a  move  toward  a  new  data  center  infrastructure? 

1 .  Standardize  on  server  architectures. 

2.  De-couple  servers  and  storage.  Appoint  a  ‘storage  czar’ 
to  oversee  how  storage  is  delivered. 

3. Take  ownership  of  facilities.  Review  your  HVAC 
requirements  in  light  of  the  network,  storage  and  commu¬ 
nications  gear  you’ll  need  to  support  (keep  in  mind  that 
most  data  centers  assume  that  computing  platforms  com¬ 
prise  the  major  tenants;  that’s  no  longer  the  case). 

4.  Invest  in  redundancy  —  networking  and  platform. 

5.  Explore  next-generation  hardware  and  software: 
grid  computing,  high-availability  switching,  storage 
virtualization. 

How  can  IT  managers  sell  this  concept  to  the  boardroom? 
What's  the  No.  1  benefit  they  should  point  to  to  gain  backing? 

Lower  operational  cost.You  save  money  and  improve 
performance  by  automating  operations.  ■ 

More  online! 

Register  now  for  the  Masterminding  the  New 
Data  Center  Technology  Tour. 

DocFinder:  1326 


IBM  Express  Middleware:  Designed 
and  developed  for  midsize  companies. 

(IBM  muscle  for  less  moolah.) 


MIDDLEWARE  IS  POWERFUL  IBM  SOFTWARE.  The  kind  of  software  that  makes  your  applications  work  better  to  solve 
your  business  problems.  It’s  an  answer.  It’s  IBM  DB2?  Lotus?  Tivoli®  and  WebSphere®  And  in  the  form  of  IBM  Express  Middleware, 
it’s  now  more  accessible  than  ever  for  midsize  businesses. 

IBM  Express  Middleware  is  engineered  to  work  with  your  existing  business  applications  whether  they  run  on  Windows,®  Linux® 
or  UNIX®  It’s  engineered  to  be  deployed  by  those  without  computer  science  degrees.  It’s  priced  to  put  a  smile  on  Accounting’s 
face.  It’s  nimble.  Quick.  Flexible. 


Your  technology  will  work  harder  to  meet  the  demands  of  your  customers,  your  business  goals  and  your  industry's  needs.  It  makes 
your  business  more  responsive  to  the  unforeseen.  Of  course,  all  of  this  is  easy  to  implement,  easy  to  install,  simple  to  maintain.  You 
need  to  learn  more.  To  find  an  IBM  Business  Partner  in  your  area,  visit  ibm.com/software/express 


IBM.  DB2,  bolus.  Tivoli  and  WebSphere  are  registered  trademarks  or  trademarks  ot  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries  Linux  is  a  registered  trademark  of  Unus  Torvalds.  Windows  Is 
a  registered  trademark  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries.  ©  2004  IBM  Corporation.  All  rights  reserved. 
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Talking  security  with  Motorola’s  William  Boni 

Being  in  IT  security  is  more  than  a  full-time  job  for  William  Boni.  As  Motorola  s  vice  president 
and  chief  information  security  officer,  Boni  oversees  security  for  a  global  network  supporting 
some  100,000  end  users.  He  also  recently  helped  form  an  IT  security  consortium  with  counter¬ 
parts  from  other  companies  and  last  week  gave  a  keynote  address  at  the  InfoSec  World  confer¬ 
ence  in  Orlando.  Somewhere  in  between  all  this,  Boni  spoke  with  Network  World  Senior  Editor 
Ellen  Messmer. 


How  would  you  describe  the  level  of  importance  Motorola  gives 
to  IT  security  these  days? 

Motorola,  like  most  other  large,  sophisticated  global 
organizations,  has  become  increasingly  dependent  on 
the  running  of  its  IT  infrastructure,  applications  and 
technologies  to  support  the  success  of  its  business  strat¬ 
egy  and  operations. 

In  parallel  to  that  increased  recognition, you  have 
increasingly  visible  and  apparent  risks  and  threats  to 
that  infrastructure  and  those  operations  and  capabili¬ 
ties.  It’s  not  just  a  matter  of  Sept.  1  l.We  had  a  whole 
series  of  denial-of-service  attacks  in  the  spring  of  2000; 
there  has  been  the  seemingly  endless  series  of  worms, 
viruses  and  other  types  of  events. 

Management  has  sought  to  obtain  higher  levels  of 
assurance  by  giving  this  role  executive-level  status  and 
accountabilities. 

What  sorts  of  security  projects  can  you  tell  me  about  that  are 
going  on  within  Motorola? 

Motorola  is  a  major  producer  of  intellectual  property, 
proprietary-sensitive  information,  new  product  designs, 
trade-secret  and  patentable  information  across  a  num¬ 
ber  of  industry  segments.The  challenge  in  developing 
new  products  and  solutions  is  that  it  requires  extensive 
use  of  digital  technology  to  design,  describe  and  bring 
them  into  production  and  distribution. 

A  common  business  practice  is  reverse-engineering, 
looking  at  ideas  and  seeing  how  it  compares  against  the 
individual  company’s  product.The  concern  is  to  make 
sure  we  don’t  have  premature  leakage  of  key  forms  of 
digital  intellectual  property  There  are  a  number  of  differ¬ 
ent  technologies  from  both  mainstream  leading  vendors 
and  start-ups  that  I  am  interested  in  looking  at. 

What's  been  your  experience  with  intrusion-detection  systems? 

Detecting  something  is  always  less  desirable  than  actu¬ 
ally  preventing  things  in  the  first  place.  We  got  into  the 
IDS  technology  fairly  early  and  found,  like  everybody 
else,  the  existing  tools  and  technologies  suffer  from  cre¬ 
ating  a  huge  overload  of  false  positives. 

But  we  did  make  the  effort  to  create  the  capability  to 
allow  us  to  do  analysis  and  basic  correlation  and  assess¬ 
ment  —  and  have  found  even  the  detection  tool  to  be  a 
very  useful  adjunct  in  our  efforts  to  manage  the  conse¬ 
quence  of  events  whenever  they  do  happen  inside  our 
network.  We’re  typically  wading  through  20  to  30  million 
events  per  month  to  find  the  dozen  or  so  that  require  an 
appropriate  response. 

Have  you  started  using  intrusion-prevention  systems? 

We’re  in  the  process  of  upgrading  our  existing  tech¬ 
nologies  to  be  more  preventive  and  retain  the  ability  to 


detect  and  respond  to  things.  We’re  keeping  our  eye  on 
the  new  technologies  as  they  come  out. There  are  some 
promising  new  vendors  [which  he  declined  to  name]. 

But  Motorola  is  far  too  complex  an  organization  for 
me  to  want  to  be  a  beta-test  laboratory  for  somebody’s 
new  idea.  I  need  proven  capability  before  I  can  go  to 
management  here  and  outline  the  business  case  for 
additional  investment  or  supplemental  spending.  But  it’s 
really  important  for  all  the  vendors  to  understand  that 
preventing  the  attacks  is  a  much  higher  payoff.  Detecting 
is  helpful,  but  it’s  still  after  the  fact. 

What’s  the  goal  of  the  Security  Metrics  Consortium  you  helped 
launch  in  March? 

When  you  get  a  group  of  security  professionals  to¬ 
gether,  especially  in  a  social  context,  the  conversation 
very  quickly  turns  to:  What  are  you  doing,  and  what  are 
your  challenges?  One  of  the  big  gaps  here  is  what 
amounts  to  a  framework  that  can  be  referenced  as  to: 
How  are  we  doing  in  our  security  program  compared 
with  what  amounts  to  a  best-practices  baseline? 

We  want  to  make  that  more  professional  and,  if  we  can, 
establish  a  baseline  that  can  be  used  for  ongoing  apples- 
to-apples  kinds  of  comparisons  across  organizations.  It 


helps  to  answer  the  questions  that  CEOs,  CFOs  and  CIOs 
have,  which  are:  Are  we  doing  enough?  Are  we  doing  too 
little?  Are  we  doing  too  much?  Are  we  doing  the  right 
things?  Are  we  doing  well  at  what  we  have  to  do? 

If  you  don’t  have  some  kind  of  impartial  or  consensus- 
based  framework  to  measure  that  against,  it  ends  up 
being  very  much  anecdotal  or  driven  by  the  particular 
preferences  and  abilities  of  the  individual  security  officer. 

One  goal  here  is  to  try  to  equip  people  who  may  not 
have  majored  in  debate  science  in  college  with  tools 
and  data  that  will  make  them  more  effective  in  articulat¬ 
ing  risk  management  efforts. 

I  see  you  also  belong  to  the  Police  Futurists  International. 

What  is  that? 

This  is  a  group  that  has  over  the  past  20-plus  years  got¬ 
ten  together  periodically  to  try  to  map  the  potential  of 
the  future  and  what  the  consequences  are  from  social, 
political,  economic  and  technological  dimensions. 

And  to  influence  that  future  so  it  will  be  a  more  positive 
destination. 

We  say  if  the  world  is  going  to  look  like  this  in  2015  or 
2020,  what  kind  of  skills,  technology  resources  and 
approach  to  protecting  society  against  criminals  and 
miscreants  ought  we  be  developing.  Especially  in  the 
public  sector,  it  can  take  a  long  time  to  develop  sources 
of  funding  and  to  develop  a  public  consensus.  Go  back 
about  15  years  —  the  idea  of  computer  forensics  —  why 
would  we  need  to  have  police  officers  looking  into  peo¬ 
ple’s  computers?  Yet  today  in  almost  every  major  law- 
enforcement  investigation  there’s  a  computer  dimension 
somewhere  in  that  chain. 

Most  of  the  members  have  master’s  degrees  or  Ph.D.s 
in  various  areas  of  social  research,  science,  technology. 
It’s  mostly  North  American-based,  but  with  good  repre¬ 
sentation  from  Australia,  U.K.  and  other  European 
nations.  It’s  trying  to  support  a  global  consensus  on 
areas  for  research  and  practitioner  development  in 
police  forces  so  they’re  prepared  to  cope  with  the  future 
and  don’t  get  overwhelmed  by  the  relentless  change 
we’re  all  going  to  face  as  we  move  forward  in  the  21st 
century  ■ 
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Vice  president  and  chief  information  security  officer 
Motorola 

Network  security,  business  continuity  and  data  protection/privacy 
on  Motorola's  global  IP  and  frame  relay  network,  which  supports 
100,000  end  users;  also  assures  security  in  interactions  with 
outside  contractors  and  outsourcing  partners. 

Approximately  three-dozen  full-time  security  professionals  plus 
a  matching  number  of  part-time  staff  and  IT  administrators 
assigned  to  security  tasks. 

Not  disclosed. 

Security  management  degree  from  Youngstown  State  University 
and  MBA  from  Pepperdine  University;  Certified  Information 
Systems  Auditor  from  ISACA  and  Certified  Protection 
Professional  from  ASIA  International. 

Vice  president  of  information  security  for  First  Interstate  Bank; 
project  security  officer  for  "Star  Wars"  program  and  other 
defense  work  with  Hughes  Aircraft  and  Rockwell;  Army  counter¬ 
intelligence  officer;  federal  agent  and  investigator. 

1-Way  Robbery:  Crime  on  the  internet;  High  Tech  Investigator's 
Handbook:  Working  in  a  Global  Environment;  and  Netspionage: 
The  Global  Threat  to  Information. 
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InfraStruXure™  Manager 

111  appliance  +  1U  24-post 
hub  provide  remote  man¬ 
agement  of  entire  system 
through  a  single  IP  address, 


Integrated  Cable  Routing 

Self-contained  cable 
routing  allows  for 
installation  anywhere  - 
no  raised  floor  needed. 


Rack-mount  PDU 

(Basic,  metered, 
switch  models) 

Up  to  42  recepta¬ 
cles,  monitored 
to  eliminate  branch 
circuit  overloads. 


[data  routing] 


Rack  Air 
Removal  Unit 

Optimizes  heat 
removal  from 
densely  config¬ 
ured  racks. 


Environmental 

Monitoring 

Local  or  remote 
monitoring  of  temper¬ 
ature  and  humidity 
and  other  conditions 
in  your  enclosures. 


NetworkAIR  ”  FM 

Modular  floor  mount 
precision  air  conditioning 
for  environmentally  sen¬ 
sitive  equipment  areas. 
Multiple  installation 
choices:  in-row  (shown), 
down  flow  air  discharge 
(raised  floors),  up  flow 
(single  rows). 


PDU  with 
System  Bypass 
Rack-optimized  design 
with  configure-to-order 
multi-branch  whips  to 
speed  installation. 


[power  routing] 


Rack  Air  Distribution  Unit 

Delivers  equalized  airflow  from  the 
bottom  to  the  top  of  the  enclosure  to 
help  eliminate  unequal  temperatures 
and  protect  sensitive  electronics. 


N+1  UPS 

Scalable,  modular  and 
manageable  UPS  with  N+1 
redundancy  for  unmatched 
levels  of  availability. 


Pay  as  you  grow  with  pre-tested  APC  InfraStruXure" 
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Infrastructure 


POWER  RACK  ^COOLING 


On-demand  architecture  for  network- 
critical  physical  infrastructure 


An  on-demand  architecture  for  network- 
critical  physical  infrastructure  (NCPI*), 
InfraStruXure™  speeds  the  specification, 
design,  and  installation  of  IT  environments. 


Using  a  Web-based  configuration  tool  to  simplify  the  design 
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Equipment  Racks 


I 

<3  i 

u 


Batteries 


UPSs 


Traditional  data  centers  are 

built  out  for  future  capacity  and 
require  a  large  amount  of  floor 
space  that  could  be  otherwise 
utilized.  High  power  density  racks 
create  dangerous  hot  spots. 


process  and  a  configure-to-order  approach,  InfraStruXure's 
rack-based,  standardized  modules  provide  you  with  a  pre-tested, 
integrated  system  that  assembles  in  a  matter  of  hours. 

APC  InfraStruXure  is  built  for  speed  and  more:  system  resiliency, 
lower  cost,  higher  availability.  So,  if  you're  looking  to  deploy  your 


AFTER 


InfraStruXure™  lets  you  build  out 
capacity  only  as  it's  required.  Save 
up  to  50%  CapEx  and  20%  OpEx* 
and  reclaim  an  average  of  20%  usable 
space.  InfraStruXure  delivers  cooling 
directly  where  it  is  needed,  eliminating 
dangerous  hot  spots. 


servers  in  days,  look  no  further  than  InfraStruXure. 


**  Representative  savings  based  on  projected  power  infrastructure  built-out 
costs  and  estimated  service  cost  per  unit.  Actual  savings  may  vary. 


For  more  information,  visit  us  today  at  www.apc.com. 

*NCPI  is  the  foundation  of  highly  available  networks,  and  consists  of  power,  power  distribution,  racks, 
cabling,  cable  distribution,  cooling,  cooling  distribution,  integrated  services,  and  management  strategy. 
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The  NetVanta”  3000  Series  from  ADTRAIM. 


Dare  to  Compare! 

NetVanta 

3305 

Industry-Leading 

Brand 

Dual  Network  Interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

$$$ 

Stateful  Inspection  Firewall 

✓ 

$$$ 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Quality  of  Service  (QoS) 

✓ 

✓ 

VLAN  Trunking 

✓ 

✓ 

Virtual  Private  Networking  (VPN) 

s 

$$$ 

Dial  Backup 

$ 

sss 

PBX  Connectivity 

s 

$$$$$ 

Unlimited  Telephone  Support 

Free 

sss 

Operating  System  Updates 

Free 

$$$$ 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Using  a  NetVanta  3000  router,  you  can  outfit  a  remote 
location  with  complete  T1  voice  and  data  communications 
for  50%  less  than  you’re  accustomed  to  paying.  Loaded 
with  standard  features,  and  available  with  very  reasonably 
priced  options,  the  NetVanta  3000  Series  is  everything  you 
need  in  a  router  and  more.  Lower  price  isn’t  the  result  of 
cutting  corners — it’s  the  result  of  smart  engineering. 
Engineering  that’s  backed  by  a  100%  satisfaction  guarantee 
from  ADTRAN,  including  unlimited  telephone  technical 
support  (before  and  after  the  sale),  free  ADTRAN  OS  updates, 
and  a  full  five-year  warranty.  Try  a  NetVanta  3000  router  today. 
And  start  getting  more  out  of  your  router  dollar. 

Why  pay  more? 


Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 

www.adtran.com/info/whypaymore 

877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 
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■  LAN/WAN  SWITCHES  AND  ROUTERS 

■  ACCESS  DEVICES  ■  SERVERS  ■  VPNS 

■  OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 

■  VOIP  ■  WIRELESS  NETWORKS 


Copper  versions,  lower  prices  make  10G  more  tempting 


■  BY  PHIL  HOCHMUTH 

A  sharp  drop  in  10G  Ethernet  pricing, and 
the  emergence  of  technology  that  runs 
10G  over  copper,  could  spur  enterprise 
interest  in  the  technology  users  and  ana¬ 
lysts  say 

Pre-standard  10G  prices  were  high 
enough  to  scare  all  but  the  most  deep- 
pocketed  organizations,  as  debut  prod¬ 
ucts  three  years  ago  hovered  around 


■  Cisco  last  week  announced  plans  to 
purchase  privately  held  Riverhead 
Networks,  a  maker  of  security  tech¬ 
nology  that  protects  against  distrib¬ 
uted  denial-of-service  attacks,  in  an 
all-cash  deal  worth  about  $39  million. 
Riverhead’s  devices,  called  Guard 
and  Detector,  attach  to  network 
routers.  They  compare  traffic  flows  to 
learned  profiles  of  normal  traffic  pat¬ 
terns,  behavior  and  protocol  compli¬ 
ance  to  identify  and  mitigate  a  range 
of  known,  and  previously  unseen, 
security  attacks. 

■  Trapeze  Networks  last  week 
unveiled  two  wireless  LAN  switches, 
one  targeted  at  large-scale  WLANs 
anchored  in  data  centers,  the  other 
for  small  deployments.  The  high-end 
switch,  the  MX-400,  eliminates  the 
need  for  direct  connections  with  indi¬ 
vidual  access  points,  as  was  previ¬ 
ously  required.  Instead,  up  to  100 
access  points  connect  to  the  switch 
over  an  existing  Layer  2  or  3  back¬ 
bone.  The  MX-400,  which  uses  redun¬ 
dant,  hot-swappable  power  supplies, 
is  scheduled  to  ship  in  June  for 
roughly  $22,000.  The  new  low-end 
switch  is  the  MX-8.The  product, 
which  costs  about  $3,000,  features 
eight  10/100M  bit/sec  Ethernet  ports, 
which  all  support  Power  over  Ether¬ 
net,  eliminating  the  need  to  run  sepa¬ 
rate  electrical  wiring  to  the  access 
points.  The  company  also  upgraded 
the  system’s  software  that  runs  on 
its  switches  and  aired  an  improved 
version  of  its  RingMaster  WLAN 
design  and  management  tool  set. 


$100,000  per  port.  Today,  pricing  has  fall¬ 
en  below  $7,000  per  link  —  under  the 
$l,000-per-Gigabit  threshold  that  analysts 
have  said  would  be  necessary  to  attract 
buyers.  And  with  one  copper  10G  stan¬ 
dard  in  the  books,  and  another  on  its  way, 
experts  are  predicting  an  imminent  rise 
in  10G  adoption. 

“I  believe  the  current  reduction  in  10 
Gigabit  pricing  is  being  driven  by  the  avail¬ 
ability  of  Gigabit-over-copper  on  the  edge, 
and  the  move  to  more  centralized  applica¬ 
tion  services,”  says  Len  Stans,  director  of 
network  technology  at  Sandia  National 
Laboratories,  a  U.S.  Department  of  Energy 
lab  with  a  large  supercomputing  research 
facility  in  Albuquerque,  N.M. 

Sandia  has  about  20  10G  ports  on  a  mix 
of  Cisco,  Extreme  Networks,  ForcelO  Net¬ 
works  and  Foundry  Networks  switches. 
These  boxes  tie  together  backbone 


■  BY  TIM  GREENE 

Start-up  enKoo  is  coming  out  with  a  low- 
cost  remote-access  appliance  based  on 
Secure  Sockets  Layer  that  might  not  have 
all  the  bells  and  whistles  of  other  such 
gear,  but  does  offer  customers  practical 
means  for  accessing  important  data. 

The  company’s  enKoo  1000  and  2000 
appliances  require  remote  machines  to 
have  an  SSL-enabled  Web  browser  to  gain 
access  to  commonly  used  applications 
and  files. 

Other  vendors,  such  as  Aventail,  Net- 
Screen  Technologies  and  Whale  Com¬ 
munications,  offer  similar  features  with 
their  products.  They  also  support  stronger 
authentication  options  than  enKoo  does, 
and  verify  whether  remote  machines  are 
configured  to  meet  security  rules,  things 
enKoo  cannot  do.  The  other  vendors’  gear 
also  costs  more. 

Pricing  for  the  enKoo  1 000  starts  at  $  1 ,000 
for  a  box  with  a  10-user  license  and  ranges 
up  to  $10,000  for  an  enKoo  2000  with  a 
license  for  500  users.  Pricing  for  a 
NetScreen  SSL  appliance  costs  about 
$10,000  for  50  users. 

The  enKoo  appliances  sit  behind  corpo¬ 
rate  firewalls  and  are  accessed  via  SSL 
from  remote  Web  browsers  that  use  firewall 
ports,  which  are  commonly  left  open  for 


switches  and  connect  to  switches  that 
aggregate  clusters  of  smaller  machines, 
linked  via  Gigabit  Ethernet.  Stans  expects 
to  boost  the  lab’s  10G  port  count  to  300  by 
this  time  next  year. 

The  per-port  price  for  10G  has  dropped 
rapidly  since  the  introduction  of  pre-stan¬ 
dard  10G  equipment  in  2001.  Foundry  was 
the  first  to  ship  a  pre-standard  1 0G  port  on 
its  Biglron  switch, at  a  cost  of  about  $80,000 
for  the  module  and  optics.  Now  Foundry 
Cisco,  Extreme  and  ForcelO  all  have  prod¬ 
ucts  priced  between  $4,000  and  $7,000  for 
a  fiber-based  Gigabit  Ethernet  port. 

“The  pricing  cuts  [for  10G  gear]  are  a  sur¬ 
prise  to  me,”  says  Zeus  Kerravala,an  analyst 
with  The  Yankee  Group.  “The  average  cost 
of  a  10  Gigabit  port  has  come  down  much 
more  dramatically  than  I  would  have  fig¬ 
ured  a  few  years  ago.”  Vendors  have  said 
that  wider  availability  of  10G  optical  corn- 


secure  Web  access. Traffic  is  tunneled  over 
the  Internet  to  the  enKoo  devices,  which 
proxy  requests  to  the  appropriate  LAN 
machines. 

Remote  users  can  access  files  they  are 
authorized  to  share,  reach  individual 
desktops  via  a  remote-control  agent  and 
access  any  e-mail  server  using  the  full 
e-mail  client  on  the  remote  machine 
rather  than  a  Web  client  that  has  less  func¬ 
tionality,  says  Ajit  Deora,  enKoo’s  CEO. 

The  device  lets  Jordan  Archer,  owner  of 
independent  software  engineering  firm 
Windspear,  securely  access  data  at  his 
home  office  in  San  Jose  from  machines 
behind  firewalls  at  customer  sites.  He  says 
that  before  he  started  using  enKoo  gear 
about  four  months  ago,  it  was  difficult  to 
get  data  he  needed  through  those  firewalls. 

Archer  says  Windspear  maintained  a 
separate  Linux  server  outside  the  compa¬ 
ny  firewall  containing  data  he  might 
want  to  access  when  he  traveled,  avoid¬ 
ing  the  problem  of  accessing  data 
through  his  own  firewall.  “[The  Linux 
server]  was  exposed  to  the  world,”  he 
says  of  the  data.  He  tried  a  Netgear  fire¬ 
wall/VPN  appliance,  but  found  the  VPN 
too  difficult  to  configured  never  did  fig¬ 
ure  it  out,”  he  says. 

EnKoo  says  that  to  set  up  the  device, cus¬ 
tomers  plug  it  into  a  LAN-switch  port,  and 


ponents  from  more  suppliers,  and  the 
emergence  of  standard  10G  form  factors 
such  as  the  XAUI  interface  and  XenPak 
modular  transceivers,  have  helped  drive 
down  the  cost  of  optics  and  components. 

The  approval  of  an  IEEE  standard  for 
copper-based  10G  early  this  month 
promises  to  hasten  the  price  decreases. 
The  IEEE  standard,  specified  as  lOGBase- 
CX4,uses  InfiniBand  IBX4  twinaxial  cable, 
rather  than  the  more  common  Category  5 
and  6  cabling,  which  supports  Ethernet 
speeds  from  10M  to  1000M  bit/sec. 

Last  week,  Cisco  announced  a  $600  10G 
copper  port  module  for  its  Catalyst  6500 
switch.  Cisco  was  the  leader  in  10G  rev¬ 
enue  last  year,  according  to  Gartner,  with 
$45  million.  Cisco  was  followed  by 
Foundry  with  $25  million  and  ForcelO 
with  $6  million. 

See  10G,  page  22 


The  simple  design  of  enKoo's  remote-access 
appliances  is  intended  for  companies  with 
limited  IT  expertise. 


it  captures  the  IP  addresses  of  all  the  other 
gear  attached  to  the  network.  An  adminis¬ 
trator  then  uses  this  data  to  grant  users 
and  user  groups  access  to  network 
resources. 

The  device  can  arrange  network  re¬ 
sources  into  groups  based  on  Microsoft’s 
Network  Neighborhood  and  Network 
Places  software.  Individual  users  then  are 
authorized  to  use  specific  Network 
Neighborhood  or  Places  groups  defined 
by  the  enKoo  device  to  access  files. 

For  customers  who  want  access  to  data 
and  applications  on  specific  desktops, 
enKoo  supports  a  remote-control  feature 
called  Beam.  A  remote-control  client  is 
placed  on  the  target  LAN  machine,  and 
the  enKoo  appliance  proxies  the  remote- 
control  session  to  the  remote  user. 

EnKoo  gear  supports  only  Microsoft 
clients  Windows  98, 2000,  NT.  XP  and  XP 
Pro.  ■ 


Small  businesses  get  alternative  for  SSL 

Start-up  enKoo  uses  browsers  for  remote  access. 
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Considerations  for  the  newest  “mission-critical”  application 


•o  Peter  A.  G err,  Analyst 


IT  managers  and  business  professionals  need  to  look  no 
further  than  the  daily  headlines  to  realize  that  failing  to 
protect  email  applications  like  Microsoft  Exchange,  can  be  a 
costly  and  risky  proposition.  On  March  10,  2004,  Bank  of 
America  (BoA)  became  the  latest  financial  services  company 
to  be  fined  by  the  Securities  and  Exchange  Commission 
(SEC).  For  failing  to  properly  protect,  manage,  and  retain 
email  and  other  electronic  records,  which  "impeded  the  SEC's 
ability  to  discharge  its  investigative  and  law  enforcement 
responsibilities",  BoA  was  fined  $10,000,000. 

While  Enterprise  Storage  Group  (ESG)  estimates  that  70% 
of  an  organization's  intellectual  property  resides  within  or  is 
directly  accessible  via  email  applications  such  as  Microsoft 
Exchange,  until  recently,  many  organizations  did  not  consider 
email  among  other  "mission  critical"  applications.  A  recent 
ESG  Research  report.  The  Evolution  of  Enterprise  Data 
Protection,  illustrates  that  email  is  near  the  top  of  most  IT 
agendas,  with  61%  of1 222  enterprise  and  mid-tier  respon¬ 
dents  identifying  email  as  the  most  critical  application  to 
protect  from  a  backup  and  recovery  perspective  (Figure  1). 
Protecting  emails  goes  well  beyond  simple  backup  and 
recovery  procedures  however.  Many  organizations  rely  on 
email  to  link  suppliers  with  customers  and  increasingly, 
email  is  the  collaborative  foundation  on  which  projects  are 
planned  and  tracked.  Bottom  line  -  email  is  an  indispensable 
tool,  used  by  virtually  everyone  throughout  an  organization, 
and  represents,  perhaps,  the  single  biggest  security  threat  if 
not  protected  and  managed  properly. 

So  when  you  decide  to  migrate  to  Windows  Server  2003 
and/or  Exchange  2003  you  can  reap  the  benefits  of  having  a 
more  robust  storage  infrastructure  while  still  improving  levels 
of  data  protection.  Striking  the  right  balance  of  functionality 
and  cost  in  selecting  storage  solutions  enables  administrators 
to  ensure  required  levels  of  availability  and  actually  lower 
TCO.  Specifically,  as  email  volume  continues  to  grow,  you  will 
be  better  prepared  to  address  the  challenges  of  managing 
Exchange  data  throughout  its  lifecycle  in  the  following  areas: 


•  Data  Migration  /  Application  Upgrade 

•  Consolidation  and  Management 

•  Backup  and  Restore 

•  Disaster  Recovery 

•  E-mail  Archiving  and  Compliance 

•  Content  Management 

This  article  explores  three  areas  of  benefits  related  to 
deploying  Exchange  in  a  networked,  multi-tiered  storage 
environment. 

Tiered  External  Storage  -  Building  a 
Strong  Foundation 

The  BoA  story  underscores  the  importance  of  proper 
record  keeping  especially  for  email.  It's  no  longer  enough  to 
protect  valuable  information  assets  with  ultra-reliable  stor¬ 
age  systems;  organizations  must  consider  how  to  manage, 
retain,  and  archive  information,  according  to  relative  value, 
importance,  and  security  profile,  throughout  its  lifecycle  -  in 
some  cases  for  decades.  Users  can  and  should  optimize  the 
relationship  between  data  at  different  points  in  its  lifecycle 
and  the  storage  systems  on  which  the  data  is  stored.  A  tiered 
storage  infrastructure  for  Exchange  should  include: 

•  Enterprise-class  disk  storage  features  like  local  and 
remote  replication  and  snapshot  provide  the  highest 
level  of  availability  for  primary  Exchange  data  to  support 
the  application. 

•  Mid-tier  ATA  disk  storage  with  the  above  replication 
capabilities  offers  robust  features  at  a  lower  cost  making 
these  systems  perfect  for  disk-based  backups. 

•  Purpose-built  systems  that  solve  specific  compliance, 
business  and  technical  challenges  including  data 
integrity,  rapid  access  to  data  and  long  term  archive. 

Economics  -  Reducing  System  and  Storage 
Management  Costs 

Exchange  is  an  ideal  application  to  illustrate  how  tiered 
external  storage  can  reduce  storage  and  system  management 
costs.  Decoupling  the  storage  purchase  from  the  server 
purchase  makes  sense  and  is  now  fully  enabled  by  Microsoft. 
Many  organizations  still  rely  on  the  internal  disks  within  their 
application  servers.  This  strategy  can  be  costly  and  doesn't 


provide  the  robust  foundational  requirements  noted  above  for 
a  mission  critical  application.  To  accommodate  the  constant 
demands  for  additional  storage  capacity  administrators  are 
forced  to  purchase  additional  servers.  In  this  case  external 
networked  storage  can  delay  the  purchase  of  additional 
servers,  slowing  system  proliferation  and  enabling  IT  to 
acquire  additional  capacity  as  needed. 

Data  Protection  -  Ensuring  Continuous 
Availability  and  Rapid  Recovery 

While  primary  capacity  for  Exchange  should  reside  on 
enterprise-class  disk  arrays,  an  ATA-based  solution  is  the 
perfect  complement  when  used  as  a  backup  target.  Likewise, 
new  features  like  Virtual  Shadow  Copy  Services  (VSS)  in 
Windows  Server  2003  and  Windows  Storage  Server  2003  give 
users  new  tools  to  protect  their  email.  With  VSS  administrators 
can  create  point-in-time  snapshots  of  a  primary  Exchange 
volume  and  backup  the  replica  to  an  ATA  disk  array  without 
diminishing  service  levels.  New  options  such  as  ATA  disks  allow 
users  to  cost-effectively  protect  and  manage  their  email  appli¬ 
cations  with  more  rapid  search  and  recovery  than  from  tape  or 
optical  storage.  ESG  Research  shows  within  the  next  24  months 
83%  of  enterprise  users  and  59%  of  mid-tier  users  will  deploy 
disk-based  data  protection  solutions  the  promise  faster,  and  in 
some  cases,  more  reliable  data  recovery. 

Protecting  critical  systems  against  natural  or  man-made 
disaster  is  paramount  in  today's  world,  and  when  considering 
how  to  include  Exchange  in  a  disaster  recovery  plan,  adminis¬ 
trators  should  consider  replication  and  migration  tools  that  are 
tightly  integrated  with  the  application.  Array-based  replication 
is  a  powerful  complement  to  VSS  allowing  users  to  replicate 
data  to  a  secondary  site,  further  enhancing  availability  while 
minimizing  performance  impact  to  the  application. 

Scalability  -  Using  Less  to  Manage  More 

Email  and  associated  attachments  are  responsible  for 
much  of  the  explosive  growth  in  storage  capacity  in  recent 
years.  Microsoft  Exchange  2003's  ability  to  support  more 
concurrent  users  under  a  single  license  enables  administrators 
to  consolidate  application  servers.  Server  consolidation  can 
be  balanced  with  tiered  storage  that  allows  users  to  retain 
more  information  online  yet  still  recover  quickly.  By  utilizing 
email  archiving  or  more  sophisticated  content  management 
solutions,  administrators  are  empowered  to  index  and  search 
Terabytes  of  email  and  attachment  data;  these  tools  also  make 
the  challenge  of  enabling  compliance  much  easier  and  can 
improve  worker  productivity. 

A  tiered  storage  infrastructure  provides  a  strong  platform 
to  support  Exchange  and  is  a  prerequisite  to  enable 
information  lifecycle  management  (ILM).  Improving  applica¬ 
tion  availability  is  less  complex  now  that  Microsoft  has 
enabled  external  storage  options  for  Exchange  while 
providing  powerful  host-based  tools  like  VSS  that  storage 
system  vendors  can  integrate  with.  Just  as  email  is  considered 
mission  critical,  it's  imperative  that  the  storage  supporting 
the  application  be  viewed  as  a  strategic  component,  not  an 
after-thought.  Protecting  email  is  the  first  step  in  safeguarding 
valuable  electronic  assets  and  intellectual  property,  while 
enabling  the  organization  to  meet  any  legal  or  regulatory 
requirements  it  faces. 


For  more  information  on 
Network  Storage  Solutions  and  the 
Enterprise  Storage  Group,  go  to: 
www.enterprisestoragegroup.com 


Email  Tops  User’s  List  of  “Mission-Critical  Applications” 


"What  are  the  top  three  applicaton  that  are  most  critical  to  your  organization  from  a 

backup  and  recovery  perspective?" 

—  Percent  of  all  users  listing  each  application,  N  =  222 

E-m  ail  /  M essaging 
OLTP  /  OLAP  /  RDBMS 
Financials 

Business  Intelligence  /  Data  Warehousing 
CRM  (Customer  Relationship  Management) 

ERP  (Enterprise  Resource  Planning) 

SCM  (Supply  Chain  Management) 

Collaborative  Development/Design 

CAD/CAM 

0%  10%  20%  30%  40%  50%  60%  70% 


Source:  Enterprise  Storage  Group,  2004 
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EMC  CLARiiON*  CHANGES  THE  WAY  YOU  THINK  ABOUT  STORAGE.  Frugality  is  the  mother  of  this 
invention.  Introducing  the  new  CLARiiON  CX  series.  The  storage  solution  that  offers  more  performance  at  every 
level.  More  functionality.  And  more  networking  flexibility  for  SAN  or  NAS.  So  you  can  do  more  than  you  ever 
thought  possible.  At  a  price  you  thought  was  impossible.  CLARiiON  models  start  under  $10,000  and  grow 
with  you.  To  learn  more,  visit  www.EMC.com/growthcompanies.  Or  call  1-866-464-7381. 

Find  an  authorized  EMC  Velocity2  Partner  at  www.EMC.com/velocity. 
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Silicon  Valley  diary:  Clarity,  creativity,  confidence 


Being  based  on  the  East  Coast, I  don’t 
get  out  to  Silicon  Valley  as  often  as  I 
should.  At  the  moment  though,  I’m 
nearing  the  end  of  a  10-day  trip  out  here. 
Working  and  meeting  with  established  IT 
vendors  along  with  new  start-ups  —  and 
old  start-ups  —  has  provided  me  with  a 
good  look  at  post-bubble  San  Jose. 

It  is  clearly  not  the  same  place  —  even 
from  the  outward  signs  —  and  hasn’t 
been  for  some  time  now.  But  in  all  my  var¬ 
ied  meetings  and  interactions,  I  saw  noth¬ 
ing  but  positive  signs:  clarity  creativity  and 
confidence. 

Clarity.  Gone  is  the  babble  of  years  past 
and  market-trend  presentations  that 
could  win  “best  fiction”  awards.  Today’s 
marketing  executives  have  studied  their 
markets  and  have  a  strong  basis  for  why 


their  product  set  will  win. They’ve  had  no 
choice  but  to  take  this  route  given  how 
hard  it  is  to  pry  money  out  of  the  pockets 
of  venture  capitalists  and  corporate 
finance  departments. 

Creativity.  What  I’m  seeing  isn’t  just 
recycled  ideas.  From  the  wireless  enter¬ 
prise  edge  and  consumer-class  broad¬ 
band  routers  to  next-generation  10G 
Ethernet  backbone  switches,  these 
devices  offer  functionality,  performance 
and  total-cost-of-ownership  benefits  that 
go  far  beyond  what  could  be  had  even  18 
months  ago. 

After  years  of  companies  building  “me- 
too”  LAN  infrastructure  (which,  at  least, 
made  it  easy  to  understand  what  one  was 
looking  at),  we  are  seeing  an  explosion  of 
ideas. 

With  wireless,  we  see  vendors  with 
vision  — -  imagining,  for  example,  how 
your  mobile  phone,  not  too  far  in  the 
future,  also  will  have  802.11  support.  And, 
how  they  will  build  you  a  network  today 
that  can  support  those  phones  tomorrow. 

Could  you  imagine  getting  the  Fast 


Ethernet  firewall/VPN  performance  of  a 
$10,000  enterprise  firewall  in  your  roughly 
$100  home-broadband  router?  That  tech¬ 
nology  exists  and  is  being  built  into  prod- 

After  years  of  compa¬ 
nies  building  “me-too" 
LAN  infrastructure . . . 
we  are  seeing  an 
explosion  of  ideas. 


Maybe  the  downturn  has  made  you  put 
off  upgrading  your  enterprise  network 
core.  Well,  when  you  start  looking  now, 
you’ll  get  a  pleasant  surprise.  The  type  of 
power  and  high-availability  affordable 
only  to  service  providers  in  the  past  is 
now  part  of  the  enterprise  product  portfo¬ 
lio  of  many  companies. 


Your  challenge,  of  course,  will  be  choos¬ 
ing  what  works  best  for  your  company 
from  a  lot  of  superior  offerings. 

Confidence.  There  is  something  to  be 
said  for  the  saying  “that  which  does  not 
kill  you,  makes  you  stronger."The  valley  got 
hit  harder  than  anywhere  else.The  people 
you  talk  to  have,  by  definition,  gotten 
through  it.  They  see  enterprise  network 
shops  re-engaging  and  are  anxious  to  get 
their  offerings  out  into  the  world. They  are 
confident  because  they  know  what 
they’ve  put  into  their  products. 

Is  it  nothing  but  a  rosy  picture?  Far  from 
it.  There  are  still  plenty  of  “for  lease”  signs 
around  and  many  good  people  out  of 
work.  Offshoring  and  “productivity”  gains 
also  have  had  an  impact  on  this  part  of 
the  country  But  things  are  going  in  the 
right  direction  and  that  is  all  any  of  us  can 
ask  for  at  this  point. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 


ucts  as  I  write. 


10G 

continued  from  page  19 

“A  majority  of  the  cost  that  goes  into 
building  a  [10G]  port  still  has  to  do  with 
optics,”  says  Steven  Shalita,  a  marketing 
manager  for  Cisco’s  switch  products. 

Although  low  in  price  —  Cisco’s 
10GBase-CX4  port  costs  one-sixth  the 
price  of  the  vendor’s  lowest-cost  fiber- 
based  port  —  not  everyone  thinks  the  cur¬ 
rent  copper  10G  standard  is  enough  to 
drive  new  10G  applications. 

“We  don’t  have  a  huge  requirement  for 
what  [copper  10G]  can  offer?  says  Dave 
Wiltzius,  network  division  leader  at 
Lawrence  Livermore  National  Labor¬ 
atories  in  Livermore,  Calif.  “That  standard 
won’t  really  open  up  the  floodgates  for  our 
10G  plans.  What  really  does  open  up  the 
floodgates  is  the  price  reductions  in  gen¬ 
eral  on  10G.” 

Wiltzius  says  if  it  were  not  for  the  avail¬ 
ability  of  10G  at  less  than  $10,000  per  port, 
his  lab  would  have  continued  to  mainly 
use  channelized  1-Gigabit  links  for  its 
long-distance  and  data  center  connec¬ 
tions  between  switches.  He  adds  that  the 
lab  has  plans  this  year  to  “more  than  dou¬ 
ble”  its  50  10G  ports. 

One  strike  against  the  10GBase-CX4  stan¬ 
dard  is  its  distance  limitation  of  about  50 
feet. 

An  IEEE  study  group  was  formed  last 
November  to  look  at  10G  over  Category  5, 
6  and  7  unshielded  twisted  pair  cable, 
with  distances  of  up  to  330  feet  (the  same 
as  lOOOBase-T  Gigabit  Ethernet).The  appli¬ 
cations  for  this  technology  would  include 
data  center  connections  (larger  server 
links  and  inter-switch  links  among  back¬ 
bone  switches).  They  also  could  include 
horizontal  wiring  closet  connections, 
where  high  densities  of  Gigabit  desktop 


10  Gigabit  evolution 

Industry  watchers  expect  the  emergence  of  copper-based  10G  Ethernet  products  to  further  shrink  per-port  prices. 
Average  per-port  price  (in  thousands) 
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HP  launches  10G  products. 
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May 

Foundry  announces  its 
"Mucho  Grande"  next- 
generation  switch  with  non- 
blocking  10G  performance. 


March 

IEEE  approves  lOGBase- 
CX4  standard  for  lOG-over- 
InfiniBand  copper  cabling; 
Cisco  announces  product 
based  on  standard. 
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September  -1 
September  10G  switch  maker 

Cisco  releases  pre-standard  10G  gear.  ForcelO  Networks 

debuts. 


'Dell'Oro  Group  estimate. 


2003 


April - 

Enterasys  and  Cisco 
release  products  that 
support  full  10G 
throughput. 


November - 

IEEE  forms  a  10G 
Base-T  study 
group  for  10G 
over  Category  5 
and  6  cabling. 
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December 

Extreme  Networks 
announces  its  Black- 
Diamond  10K,  supporting 
non-blocking  10G  ports. 


users  might  be  aggregated  via  a  10G 
switch  uplink. 

“10GBase-CX4  is  a  step  in  the  right  direc¬ 
tion,  but  [it  has]  limited  reach”  says  Brad 
Booth,  chair  of  the  IEEE  lOGBase-T  Study 
Group,  in  a  presentation  on  the  technol¬ 
ogy  in  November.  Group  officials  estimate 
that  the  standard  will  be  ready  sometime 
in  mid-2006. 

“10GBase-CX4  will  have  a  tough  time 
getting  a  foothold,”  says  Andrew 
Feldman,  director  of  marketing  for 
ForcelO. “Most  people  are  not  interested 
in  using  a  technology  that  doesn’t  stick 
with  unshielded  twisted  pair  as  the 
copper  medium  of  transmission.  It  is 
important  to  note  that  a  similar  standard 
for  Gigabit  Ethernet  over  twinax 
[1000Base-CX4]  died  an  ugly  death  in 
the  marketplace." 

Network  equipment  chip  maker  Solar- 


flare  last  week  got  a  jump  on  the 
lOGBase-T  effort,  announcing  a  trans¬ 
ceiver  and  chip  technology  the  com¬ 
pany  says  can  deliver  10G  bit/sec  of 
throughput  over  Category  5,  6  and  7 
cabling  up  to  330  feet.  Solarflare  says  it 
will  have  components  available  for 
equipment  makers  by  midyear. 

“I  don’t  think  10G  copper  will  cannibal¬ 
ize  or  replace  [10G  fiber]  in  many  appli¬ 
cations,”  says  Dave  Zabrowski,  president 
and  CEO  of  S2IO,  one  of  two  vendors 
shipping  10G  server  network  interface 
cards  (NIC).  (Intel  is  the  other.)  Zab¬ 
rowski  did  not  indicate  that  S2IO  would 
release  any  copper  10G  NICs  in  the  near 
future,  but  said  he  is  “very  interested”  in 
the  technology. 

However,  the  availability  of  copper  prob¬ 
ably  won’t  be  that  much  of  a  factor  for 
most  current  10G  users. 


“Most  data  centers  already  have  fiber 
in  place  for  mission-critical  server  and 
backbone  [switch]  links,”  Zabrowski 
says,  so  copper-based  10G  won’t  replace 
any  equipment  in  those  areas.  ■ 


More  online! 

Learn  about  consolidating  your  storage,  servers  and 
applications:  Sign  up  now  to  attend  Network  World's 
Masterminding  the  New  Data  Center  event. 
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'Undelete  file  recovery 
is  fast  and  foolproof." 

-Microsoft  Certified  Professions!  Magazine 


Server  Edition 
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INSTANT  FILE  RECOVERY- 

FASTER  THAN  GOING  TO  BACKUP! 


Undelete  protects  deleted  files  and  allows  for  instant  recovery — and  it 
saves  so  much  labor  that  it  can  pay  for  itself  the  first  time  you  use  it. 

The  Windows®  recycle  bin  doesn't  capture  files  deleted  over  the  network — so  until  now, 
recovering  a  lost  file  from  your  Windows  servers  meant  a  time-consuming  restoration  from 
backup.  NEW  Undelete®  4.0  Server  Edition  captures  every  deleted  file,  and  allows  them  to  be 
instantly  recovered  with  just  a  few  clicks  of  the  mouse.  With  Undelete  Professional  Edition 
installed  on  your  workstation,  users  can  even  recover  their  own  files  from  server  Recovery  Bins. 


Get  Undelete  4.0  now,  and  put  the  worries  of  deleted  files  behind  you! 


Download  free  Undelete  trialware 
www.undelete.com/nwud41  •  800.829.6468  ext.  4268 
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Focused  Development  of  System  Management  Toots 


©2004  Executive  Software  International.  All  Rights  Reserved.  UNDELETE,  EXECUTIVE  SOFTWARE  and  the  Executive  Software  logo  are  registered  trademarks  or 
trademarks  of  Executive  Software  International,  Inc.  in  the  United  States  and/or  other  countries.  Microsoft  and  Windows  are  registered  trademarks  or  trademarks  of  Microsoft 
Corporation  in  the  United  States  and/or  other  countries.  All  other  trademarks  and  brand  names  are  the  property  of  their  respective  owners. 
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NetScreen,  the  company  protecting  many  of  the  world’s  largest 


enterprises,  now  has  security  built  to  fit  medium  enterprises 
Our  complete,  single  vendor  solutions  provide  network 


security  that’s  easily  managed.  Reduces  costs.  And  most 


importantly,  gives  your  network  the  bulletproof  protection 


it  needs  from  today’s  frequent  and  complex  attacks.  Our  unequaled 


solutions  for  large  financial,  government  and  manufacturing 


networks  have  made  us  the  world’s  fastest  growing  major  network 


security  company  over  the  last  two  years.  Now  there’s  no  more 


impenetrable  solution  for  your  business.  Call  800.638.8296  or 


visit  www.netscreen.com/company/ad/impenetrable 


skCpJf* y ;; , %  - \ tfcs&g : 

/  '•'YY  ^  '  (  V y  y  y  v  1  .  )  '  )  ■  -3  ^  \  ^  .  v.'  V  *s- 

J  >  .A  it/Jtrf' 

^  t  ^ ^  /±  \% 


>7  fy  fZ 


Deep  Inspection  Firewall  IPSec  and  SSL  VPN  j  Intrusion  Detection  and  Prevention  |  Antivirus 
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Reading  someone  else’s  copy  of 
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NetworkWorld 


NetWare  at  a  crossroads 


Apply  for  your  own  FREE 
subscription  today 

subscribenw.com/b03 


FREE  subscription 
(51  Issues ) 

Apply  online  at: 

subscribenw.com/b03 


subscribenw.com/b03 

Apply  for  your 

FREE 
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■  Opera  Software  says  it  will 
include  voice  capabilities  in  its 
updated  browser  software,  using 

IBM’s  embedded  ViaVoice 
technology,  initially  for  English 
only.  The  upgraded  browser,  which 
will  continue  to  be  offered  for  free, 
will  be  available  later  this  year, 
Opera  says. 

■  A  new  version  of  Funk  Soft¬ 
ware’s  secure  client  software 
includes  changes  to  simplify  the 
work  of  administering  hundreds  of 
wireless  clients.  Funk's  Odyssey 
Client  is  a  compact  application 
that  runs  on  PCs,  notebooks,  PDAs 
and  other  devices,  and  across  a 
range  of  Microsoft  operating  sys¬ 
tems.  It  lets  users  authenticate  via 
the  IEEE  802. lx  port-based  stan¬ 
dard.  Version  3.0  includes  features 
for  creating,  deploying  and  updating 
settings  for  the  client  devices  and 
the  network,  and  automatically 
installing  the  settings  on  those 
devices.  Also  new  is  support  for 
Novell's  Windows  client.  With 
Version  3.0,  Odyssey  users  who 
also  have  the  Novell  client  software 
now  have  a  single  logon.  Version  3.0 
costs  $50  per  device,  with  volume 
discounts  available. 

■  Gape  Clear  is  releasing  a  free  tool 
that  will  let  business-level  managers 
create  a  blueprint  for  building  a  Web 
service  destined  for  deployment  as 
part  of  a  Service  Oriented 
Architecture.  The  SOA  Editor  is  a 
graphical  tool  that  lets  users  define 
the  functions  of  a  service  such  as 
how  to  execute  a  transaction. 

The  SOA  Editor  produces  a  Web 
Services  Description  Language  file, 
a  standard  for  describing  the  fea¬ 
tures  and  functions  of  a  Web  ser¬ 
vice.  Developers  then  can  take  the 
SOA  Editor  blueprint  and  use  any 
set  of  development  tools  to  produce 
the  service.  The  tool  also  supports 
industry-specific  XML  Schema  such 
as  Acord,  Parlay  and  Swift.  The 
SOA  Editor  is  available  on  Cape 
Clear's  Web  site  and  runs  on  Linux, 
Windows,  and  Solaris. 


Symantec  preps  SMB  gateways 

Appliances  to  feature  VPN/firewall,  filtering  and  IDS  capabilities. 


■  BY  ELLEN  MESSMER 

Symantec  next  month  plans  to  ship  three 
new  gateway  security  appliances  for  use 
by  small  to  midsize  businesses  as  com¬ 
bined  VPN/firewall,  Web  filtering  and  intru¬ 
sion-detection  systems. 

The  Symantec  Gateway  300  series  is  less 
powerful  than  the  company’s  high-end 
5400  security  gateway  line,  which  includes 
an  intrusion-prevention  system  that  can 
block  all  known  attacks  at  gigabit  speeds. 
The  new  models  —  the  320, 360  and  360R 
—  will  only  recognize  about  15  of  the  most 
prevalent  attacks,  including  computer 
worms,  which  network  managers  can 
decide  to  block. 

“In  order  to  run  at  full-line  range,  we 
would  have  to  limit  the  number  of  signa¬ 
tures  it  would  detect,”  says  George  Sluz, 
Symantec’s  group  product  manager.  The 
Gateway  300  models  are  not  powerful 
enough  to  handle  intensive  IDSs  or  con¬ 
tent  inspection. 

But  the  new  series  is  relatively  low-priced, 
ranging  from  $400  to  $750,  and  it  is  a  step 


above  last  years  Gateway  100  and  200 
series,  which  reached  maximum  speed  of 
8M  bit/sec. 

Sluz  says  the  new  series  relies  on  tech¬ 
nology  acquired  in  Symantec’s  purchase 
of  Nexland  last  year.’They  were  our  partner 
in  the  100  and  200  series,  and  now  we  have 
full  access  to  their  source  code,”  he  says. 

While  the  Gateway  300  series  does  not 
perform  anti-virus  content  inspection 
directly  at  the  gateway  it  offers  a  way  to 
check  desktops  internally  to  make  sure 
they  have  the  latest  anti-virus  signature 
updates  and  anti-virus  software  activated. 

“Sometimes  people  turn  off  the  anti¬ 
virus,  especially  when  they’re  adding  new 
software,  and  they  don’t  turn  it  on  again,” 
Sluz  says.  The  Gateway  300  series  is 
designed  to  facilitate  policy  enforcement 
to  restrict  use  of  the  network  unless  anti¬ 
virus  software  policy  is  followed. 

The  new  series  also  provides  a  way  to  do 
Web-based  content  filtering  by  setting  up  a 
URL  with  “deny”  or  “allow”  lists  of  Web  sites. 

The  products  also  are  designed  to  adapt 
See  Gateways,  page  28 


The  Symantec  Gateway 
Security  300  series 


The  appliance  comes  in  three  models 
that  combine  firewall,  intrusion 
detection  and  content  filtering  for 
small  to  midsize  businesses: 

Model  320 

55M  bit/sec  throughput  with  four  LAN 
ports,  one  WAN  port,  50  simultaneous 
users;  $400. 

Model  360 

60M  bit/sec  throughput  with  eight  LAN 
ports,  dual  WAN  port,  75  simultaneous 
users;  $600. 

Model  360R 

Same  as  360,  plus  10  simultaneous  VPN 
sessions;  $750. 


New  tool  digs  for  Active  Directory  glitches 


■  BY  JOHN  FONTANA 

Availability  and  performance  tool  vendor 
Winternals  has  developed  diagnostic  soft¬ 
ware  designed  to  help  corporate  users  fer¬ 
ret  out  problems  in  Microsoft’s  Active 
Directory  that  could  knock  critical  appli¬ 
cations  offline. 

The  company  last  week  released  Insight 
for  Active  Directorya  tool  that  can  pinpoint 
the  cause  of  failures  in  applications,  such 
as  Microsoft  Exchange,  or  in  services  such 
as  DNS  that  rely  on  Active  Directory  The 
software  monitors  the  communication 
between  Active  Directory  and  the  network 
nodes  that  talk  to  it,  and  it  highlights  any¬ 
thing  that  is  outside  the  norm  of  opera¬ 
tions.  The  problems  can  arise  from  config¬ 
uration,  corruption  or  communication 
issues  within  the  directory 

“We  noticed  some  replication  problems 
we  were  having,  and  we  hooked  up  this 
tool,  and  it  almost  immediately  showed  us 
where  the  issues  were,”  says  Daryl  Shorts, 
LAN  administrator  for  Our  Lady  of  the  Lake 
Regional  Medical  Center  in  Baton  Rouge, 
La.“We  had  made  some  rule  changes  earli¬ 


er,  and  some  things  didn’t  get  removed 
from  the  directory  We  were  able  to  diag¬ 
nose  it  in  about  an  hour.”  Shorts  said  it 
might  have  taken  him  up  to  a  week  to  get 
that  diagnosis  using  Microsoft  tools  such  as 
Replication  Monitor. 

Shorts  also  uses  Insight  for  Active  Direct¬ 
ory  to  weed  out  problems  in  a  test  environ¬ 
ment  he  has  set  up  as  part  of  a  migration  to 
Windows  Server  2003  that  will  include  a 
new  Active  Directory  forest  to  serve  the 
medical  center’s  9,000  users,  300  servers 
and  10  domain  controllers  that  run  Active 
Directory 

“The  tool  is  useful  for  troubleshooting, 
but  we  won’t  use  it  for  everyday  monitor¬ 
ing,”  Shorts  says.  The  Winternals  software 
competes  with  directory  tools  from  such 
vendors  as  NetPro  and  Quest  Software. 

Insight  for  Active  Directory,  which 
installs  on  an  administrative  console, 
keeps  an  eye  on  Active  Directory  domain 
controllers  on  the  network.  The  software 
does  not  pull  operations  data  from  within 
Active  Directory;  instead  it  monitors  all 
the  Lightweight  Directory  Access 
Protocol  transactions  that  happen  be¬ 


tween  Active  Directory  and  computers 
on  the  network.  The  software  can  deter¬ 
mine  if  the  transaction  failed  and  why 

“We  tell  you  the  sentences  and  the  words 
of  the  conversation  and  the  explicit  func¬ 
tions  that  went  wrong,”  says  Jonathan 
Borden,  vice  president  of  development  for 
Winternals. 

“You  know  the  error,  where  it  is  located, 
and  you  can  use  the  information  to  track 
the  problem,”  he  says.  The  software  also 
details  the  path  to  every  object  in  the  direc¬ 
tory  to  help  trace  the  problem  in  such 
things  as  authentication  or  response  times. 

To  further  pinpoint  problems,  the  soft¬ 
ware’s  console  provides  color-coded  high¬ 
lights  of  errors  and  a  visual  representation 
of  directory  events  that  are  related. 

Insight  for  Active  Directory  starts  at  $395 
for  one  console.  Each  server  monitored 
costs  $249;  each  desktop  costs  $20.  ■ 
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WEIGHING  THE  COST  OF  LINUX  VS.  WINDOWS? 
LET  S  REVIEW  THE  FACTS. 
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Source:  Microsoft  2003  (Audited  by  META  Group) 
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One  Linux  image  running  on  One  Windows  Server  2003  image 

two  z900  mainframe  CPUs  running  on  two  900  MHz  Intel  Xeon  CPUs 


Price  Performance  Comparison:  File  Serving 
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10  times  more  expensive 

$40 

Linux  was  found  to  be  over  10  times  more  expensive  than  Windows  Server™  2003  in  a 
recent  study.  The  study,  audited  by  leading  independent  research  analyst  META  Group, 
measured  costs  of  Linux  running  on  IBM's  z900  mainframe  for  Windows-comparable 
functions  of  file  serving  and  Web  serving.  The  results  showed  that  IBM  z900  mainframe 
running  Linux  is  much  less  capable  and  vastly  more  expensive  than  Windows  Server  2003 
as  a  platform  for  server  consolidation.  To  get  the  full  study  and  other  third-party  findings, 
visit  microsoft.com/getthefacts 


©  2004  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  and  Windows  Server  System  are  either  registered  trademarks  or  trademarks  of  Microsoft 
Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 
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The  National  Cyber  Security  Partner¬ 
ship  just  released  the  first  two  of  five 
planned  reports  concerning  various 
aspects  of  cybersecurity  The  reports  are  not 
all  that  bad,  but  1  have  a  hard  time  not  dis¬ 
missing  the  whole  effort  as  a  cynical 
attempt  to  avoid  facing  up  to  reality 
The  partnership  is  an  outgrowth  of  the 
December  2003  National  Cyber  Security 
Summit  convened  in  response  to  last  year’s 
National  Strategy  to  Secure  Cyberspace. All 
the  press  coverage  I  have  seen  about  the 
two  new  reports  says  the  NCSP  was  created 
to  forestall  governmental  regulations  in  the 
area  of  computer  and  network  security  It’s 
better  to  volunteer  to  do  something  not  all 
that  hard  than  be  forced  to  do  something 


If  it  had  teeth  it  might  bite  someone 


quite  painful. 

Maybe  the  “powers  that  be”  will  be  satis¬ 
fied,  at  least  for  a  while,  and  forget  about 
this  particular  problem.  The  first  two 
reports  are  “Awareness  for  Home  Users  and 
Small  Businesses”  from  the  Awareness  and 
Outreach  Task  Force,  and  “Cyber  Security 
Early  Warning”  from  the  National  Early 
Warning  Task  Force.  Reports  from  the 
Technical  Standards  and  Common  Criteria 
Task  Force,  Security  Across  the  Software 
Development  Lifecycle  Task  Force  and 
Corporate  Governance  Task  Force  are 
scheduled  to  be  released  soon. 

The  “Awareness  for  Home  Users  and 
Small  Businesses”  report  (see  www.nwfu 
sion.com,  DocFinder:  1327)  recommends  a 
bunch  of  things  targeted  at  educating  and 
helping  home  Internet  users,  big  and  small 
businesses,  schools  and  governments 
(other  than  the  federal  government). 
Recommendations  include  developing  a 
cybersecurity  tool  kit  for  home  users,  and 
designating  September  2004  as  “Cyber  Se¬ 


curity  Month”  to  make  CEOs  at  large  com¬ 
panies  aware  of  the  cybersecurity  problem 
(assuming,  1  guess  that  these  CEOs  have 
been  in  caves  for  the  last  few  years). 

The  National  Early  Warning  Task  Force 
report  (DocFinder:  1328)  calls  for  estab¬ 
lishing  yet  another  fail-safe  national  cyber¬ 
security  early-warning  contact  network. 
The  goal  of  this  network  would  be  to 
“broaden  the  horizon  of  shared  informa¬ 
tion  regarding  cybersecurity  vulnerabili¬ 
ties,  exploits  and  incidents,  to  facilitate  the 
process  of  information  sharing  and  to  pro¬ 
vide  a  facility  for  the  rapid  dissemination  of 
critical  information,  all  within  the  frame¬ 
work  of  a  vetted  trust  community!’  In  other 
words,  tell  selected  people  when  there  is 
something  wrong. 

In  and  of  themselves  these  reports  seem 
to  represent  some  amount  of  thinking  on 
the  problems.  They  may  accomplish  the 
apparent  underlying  goal  of  the  National 
Cyber  Security  Partnership  and  keep  Con¬ 
gress  from  creating  a  legal  requirement  for 


vendors  to  pay  attention  to  security  (one  of 
the  critics  of  the  reports  compared  such  a 
requirement  to  the  federal  mandate  for 
seat  belts  in  cars).Voluntary  efforts  are  fine 
and  often  can  bring  positive  results,  but 
there  is  little  that  would  focus  corporate 
minds  better  than  being  told  they  would 
be  liable  for  damages  their  customers  suf¬ 
fer  because  of  software  failures. There  is  at 
least  one  place  that  could  happen  today:  If 
software  in  a  car’s  control  computer  goes 
wacko  and  the  vehicle  crashes  I  doubt  a 
court  would  accept  a  shrink-wrap  license 
liability  disclaimer.  But  apparently  applying 
the  same  rules  to  computer  operating  sys¬ 
tems  would  be  too  logical. 

Disclaimer:  Come  to  think  of  it,  1  expect 
Harvard  wouldn’t  want  the  same  rules  to  be 
applied  to  educating  students,  but  I  didn’t 
ask,  and  the  above  ramble  is  mine  alone. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com. 


Wily  focuses  on  apps  integration 

New  software  add-on  lets  managers  analyze  system  interactions, 


Oracle  readies  new 
collaboration  pack 


■  BY  DENISE  DUBIE 

Wily  Technology  this  week 
plans  to  unveil  software  to  let 
companies  go  beyond  managing 
applications  on  an  individual 
basis  by  providing  an  in-depth 
view  into  how  those  programs 
interact. 

The  add-ons  to  Wily’s  flagship 
Introscope  application  perfor¬ 
mance  management  system  are 
designed  for  Java  2  Platfrom  En¬ 
terprise  Edition  (J2EE)-based  pro¬ 
grams  linked  via  IBM’s  Web¬ 
Sphere  Business  Integration  soft¬ 
ware.  The  new  software,  dubbed 
PowerPacks,  sits  on  the  Business 
Integration  server  and  works 
with  adapters  for  Oracle, 
PeopleSoft,  SAP  and  Siebel 
Systems  applications  and  with 
adapters  for  Java  Database 
Connectivity,  JText  and  HTTP 

Existing  technology  such  as 
Java  Management  Extensions 
provides  some  management 
capabilities  for  distributed  Java 
applications,  but  doesn’t  offer 


App  integration 
interest 


of  500  companies 
polled  plan  to  invest  in 
enterprise  application 
integration 
technologies  in  2004, 
with  13%  listing  EAI  as 
a  top  priority. 

SOURCE-  AMR  RESEARCH 


enough  information  into  how 
they  perform  at  each  layer  of  a 
multi-tiered  environment,  says 
Mike  Gilpin,  a  research  fellow 
with  Forrester  Research. Wily  has 
a  reputation  for  offering  detailed 
analysis  of  Java  down  to  the 
code  instrumentation  level,  he 
says. 

Wily  executives  say  the  compa¬ 
ny’s  software  can  trace  poor  per¬ 
formance  to  a  specific  server,  a 


line  of  application  code  or  now 
at  the  interconnect  level. 

Gilpin  says  he  anticipates  that 
other  management  software  ven¬ 
dors,  such  as  BMC  Software,  Com¬ 
puter  Associates,  HP  and  IBM 
also  will  boost  their  J2EE  appli¬ 
cation  management  offerings 
eventually 

Wily  is  upgrading  Introscope  to 
Version  5.0.  One  highlight  of  the 
new  edition  is  support  for  the 
open  source  JBoss  Application 
Server. 

Introscope  includes  server  soft¬ 
ware  and  distributed  agents.  Wily 
also  offers  a  centralized  console 
called  the  Enterprise  Manager, 
which  sits  on  a  dedicated  server 
and  features  a  Web-based  inter¬ 
face  from  which  data  can  be  ana¬ 
lyzed  and  reports  can  be  viewed. 

Introscope  5.0  and  the  Power- 
Packs  are  scheduled  for  release 
in  April.  Introscope  5.0  costs 
$6,250  per  CPU.  Pricing  for  the 
PowerPacks  varies  depending  on 
adapter  and  starts  at  $500 
per  CPU.B 


■  BY  JORIS  EVERS 

Oracle  officials  last  week  said 
the  firm  plans  to  deliver  a  major 
update  to  its  collaboration  soft¬ 
ware  by  year-end,  adding  instant 
messaging,  improving  integration 
with  enterprise  applications  and 
enhancing  other  features. 

The  third  release  of  Collabora¬ 
tion  Suite  is  intended  to  make  the 
product  a  stronger  rival  to  Micro¬ 
soft’s  Exchange  and  IBM’s  Lotus 
Domino,  which  dominate  the  cor¬ 
porate  e-mail  server  market. 

The  upgrade  has  been  slow  in 
coming.  Oracle  originally  expect¬ 
ed  to  have  it  out  by  mid-year  and 
industry  watchers  had  expected 
IM  functionality  to  be  included  in 
the  second  release,  which  was 
issued  last  June.  Microsoft  and 
IBM  already  sell  IM  products. 

But  Oracle  remains  committed 
to  Collaboration  Suite,  company 
officials  say  Oracle  just  hired  Terry 
Olkin,  co-founder  and  former 
CTO  of  secure  messaging  vendor 
Secure  Data  in  Motion,  also 
known  as  Sigaba.  As  Oracle’s 
chief  architect  for  collaboration 
Suite,  Olkin  will  set  the  future 
direction  for  the  product. 

“The  challenge  is  bringing  dif¬ 
ferent  pieces  of  Collaboration 
Suite  into  an  integrated  and  easi- 
er-to-use  product,”  Olkin  says. 

Another  task  is  raising  the  prod¬ 
uct’s  profile.  “Clearly,  it  is  not  well 


known.  It’s  not  in  the  same  breath 
as  Exchange  or  Notes,”  he  says. 

Oracle  pitches  Collaboration 
Suite  as  a  less  expensive  and 
more  secure  alternative  for  cor¬ 
porate  e-mail  in  that  it  works  with 
many  user  interfaces  and  offers 
certain  benefits  because  it  is  inte¬ 
grated  with  a  common  database. 
These  benefits  include  comply¬ 
ing  with  regulations  that  require 
retention  of  all  kinds  of  electron¬ 
ic  communications,  Oracle  says. 

To  move  Collaboration  Suite 
from  playing  catch-up  with  Ex¬ 
change  and  Domino  to  a  leading 
position,  Oracle  needs  to  come 
out  with  an  innovative  messaging 
system,  Oracle  officials  say.  Aside 
from  IM,  Oracle  will  deliver  en¬ 
hanced  features  to  rival  Micro¬ 
soft’s  Windows  SharePoint  Serv¬ 
ices  group  collaboration  Web 
sites  and  improved  integration 
with  Oracle’s  enterprise  applica¬ 
tion  products,  says  Rob  Koplo- 
witz,  a  senior  director  of  product 
marketing  at  Oracle. 

The  company  said  last  year 
that  it  sold  Collaboration  Suite  to 
500  customers  in  the  12-month 
period  until  May  31,2003.  In  the 
six  months  after  that,  Oracle 
added  another  250  customers,  it 
said  in  a  financial  overview. 

Evers  is  a  correspondent  with 
the  IDG  News  Service’s  San 
Francisco  bureau. 


Gateways 

continued  from  page  25 

as  a  WLAN  firewall  gateway. 

“We  have  a  wireless  option  slot  with  it  so  you  can 
order  it  an  access  point  kit,”Sluz  says.  It  will  have  a 
802.1  lg  wireless  transceiver  and  will  support 
WLAN  802.11b  and  802.1  lg  clients.  This  conver¬ 
sion  would  outfit  the  Gateway  300  to  act  as  a 
WLAN  gateway  that  could  provide  firewall  and 


IPSec-based  VPN  support. 

Symantec  will  ship  its  own  VPN  client  with  the 
series  but  is  undergoing  testing  with  ICSA  Labs  to 
ensure  its  VPN  client  will  work  with  others. 

And  while  Symantec  will  license  its  products  to 
support  up  to  75  simultaneous  users,  the  company 
says  it  doesn’t  restrict  the  number  of  users  for  each 
gateway  or  charge  extra.The  gateways  will  actual¬ 
ly  support  more,  between  100  to  200  users,”  Sluz 
adds  ■ 


■  WIRELESS  ■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


AT&T  unveils  security  alert  service 


■  BY  DENISE  PAPPALARDO 

AT&T  last  week  launched  one  of  the  first 
proactive  services  designed  to  alert  users 
that  their  network  might  be  under  attack. 

The  carrier’s  Internet  Protect  service 
relies  on  a  Security  Operating  Center  team 
manned  by  hundreds  of  security  analysts 
to  notify  customers  immediately  in  the 
event  of  an  attack,  AT&T  says.  Users  have 
been  looking  for  tools  that  are  more  proac¬ 
tive  about  letting  them  deal  with  a  worm  or 
denial-of-service  (DoS)  attack. 

“They  are  ahead  of  the  curve  at  the  secu¬ 
rity  game,”  says  Maribel  Lopez,  a  vice  presi¬ 
dent  at  Forrester  Research.  “Its  becoming 
increasingly  important  to  enterprises  going 
forward  that  they  have  a  proactive  service.” 

AT&T  guarantees  that  if  it  fails  to  proac¬ 
tively  alert  Internet  Protect  customers,  it 
will  refund  the  monthly  fee  for  the  service, 
says  Eric  Shepcaro,  vice  president  of 
emerging  services.  The  refund  will  be  at 


■  Verizon  last  week  said  the  U.S. 


General  Services  Administration  has 
authorized  it  to  compete  to  offer  long¬ 
distance  private-line  data  transmis¬ 
sion  services  to  federal  agencies  in 
the  Northeast.  These  dedicated  trans¬ 
mission  capabilities  will  be  available  to 
federal  agencies  in  Baltimore;  Boston; 
Buffalo,  N.Y.;  Norfolk,  Va.,  and 
Philadelphia,  and  the  New  York  and 
Washington,  D.C.,  metropolitan  areas. 

■  AboveNet  previously  known  as 
Metromedia  Fiber  Network,  an¬ 
nounced  a  local  offering  last  week 
called  Metro  Ethernet  service.  The 
service  offers  high-bandwidth,  point- 
to-point  local  connectivity  at  competi¬ 
tive  rates,  the  service  provider  says.  It 
includes  dedicated  fiber  connections 
between  two  sites  that  support  up  to 
1G  bit/sec  of  bandwidth.  The  service  is 
available  in  Atlanta,  Baltimore, 

Boston,  Chicago,  Dallas,  Houston,  Los 
Angeles,  New  York,  Philadelphia,  San 
Francisco,  Seattle  and  Washington, 
D.C.  Pricing  starts  at  $4,000  per 
month,  per  point-to-point  connection. 


least  $2,500,  the  starting  monthly  price  for 
the  offering. 

The  service  is  tied  in  with  the  carriers 
BusinessDirect  Web  Fbrtal,  where  IP  cus¬ 
tomers  can  monitor  network  performance, 
issue  and  track  trouble  tickets, order  circuit 
tests  and  pay  bills.  Customers  also  receive 
detailed  information  through  the  Web  por¬ 
tal  about  traffic  spikes,  ports  and  protocols 
that  are  affected,  and  security  threats 
throughout  the  Internet. 

Once  AT&T’s  staff  determines  there  is  a 
real  attack  and  not  a  false  positive,  the  com¬ 
pany  immediately  contacts  the  customer 
through  pager,  mobile  or  landline  phone. 
The  customer  then  can  access  his 
BusinessDirect  Web  Portal,  where  informa¬ 
tion  is  graphically  displayed  to  show  the 
traffic  spike  and  recommended  fixes. 

AT&T  plans  to  integrate  its  Internet 
Protect  service  with  its  Network  Based 
Firewall  service  launched  last  year,  says 
Stan  Quintana,  vice  president  of  managed 
security  services  at  AT&T. 

In  addition  to  recommending  network 
changes  that  could  stop  an  attack,  AT&T 
can  work  with  the  customer  to  make  those 
changes  at  the  Network  Firewall  level, Quin¬ 
tana  says.  AT&T  is  testing  this  capability  and 
expects  to  roll  it  out  by  early  next  year. 

The  carrier  also  announced  its  Personal 
Firewall  service  last  week. This  lets  IT  man- 


Alerting  Internet  Protect  customers 

Users  are  alerted  to  spikes  in  traffic,  the  ports  and  protocols  involved. 
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A  description  of 
what  likely  caused 
the  spike. 


Internet  Protect  has  detected  a  s?jike  in  traffic  on  /  >5B67Acp.  This  port  is 
used  by  the  IRC  (Internet  Relay  Chat),  a  datnbul//£hat  network.  The  traffic 
seemed  to  be  pert  of  a  DDoS  attack  on  a  Singapore  ISP's  FC  servers  The 
traffic  was  seen  coming  from  a  variety  of  sources  from  all  over  the  world, 
directed  at  2  specific  servers  in  Singapore.  The  traffic  consisted  of  rmltiple 
SYN  packets  and  was  part  of  a  SYN-Flood  attack 


Share  of  Flows  TCP  6667 
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Steps  customer  should  take 
to  mitigate  the  attack's 
effect  on  its  network. 


The  best  way  to  counter  a  DDoS  attack  is  \q/  ISP  or  cfretream 

provider  place  temporary  blocks  (Access  y on  ther  routers  to 
p revert  the  trefflc  from  reaching  your  seafygrs  These  temporary  Mocks  wli 
drop  the  detected  traffic  at  the  upstream  borders  and  protect  your 
gateways  from  becoming  overwhelmed  by  traffic. 
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agers  make  policy  changes  on  firewalls 
deployed  on  remote  user’s  computers  or 
laptops  to  ensure  all  employees  maintain 
company  security  policies. 


Personal  Firewall  costs  about  $3.50  to  $5 
per  user, per  month.  Internet  Protect  starts  at 
$2,500  per  month.  Both  fees  are  on  top  of  a 
customer’s  monthly  IP  service  expenses.  ■ 


IPv6  features  pass  industry  muster 


■  BY  CAROLYN  DUFFY  MARSAN 

Network  engineers  have  successfully 
demonstrated  routing,  firewalls,  quality  of 
service  and  other  key  features  of  IPv6,  the 
next  generation  of  the  Internet’s  main  com¬ 
munications  protocol,  according  to  test 
participants. 

The  tests  were  conducted  this  month  on 
Moonv6,  the  largest  native  IPv6  backbone. 
Moonv6  is  a  joint  operation  of  the  Uni¬ 
versity  of  New  Hampshire,  the  U.S.  Defense 
Department,  the  North  American  IPv6  Task 
Force  and  the  Internet2  university  consor¬ 
tium.  It  links  approximately  80  servers, 
switches  and  routers  located  in  sites  from 
New  Hampshire  to  California. 

More  than  two  dozen  vendors  including 
service  providers,  hardware  and  software 
manufacturers  participated  in  the  tests. 

“Moonv6  is  a  very  important  project 
because  it  allows  basic  testing  of  the  appli¬ 


cations  that  sit  on  top  of  the  network,  and 
that’s  crucial  to  their  rollout  for  everyday 
practice,”  says  Rick  Summerhill,  associate 
director  of  backbone  network  infrastruc¬ 
ture  for  Internet2. 

The  Moonv6  tests  were  designed  to  help 
boost  deployment  of  IPv6,  which  has 
lagged  in  the  U.S.  behind  Europe  and  Asia. 

Developed  by  the  IETE  IPv6  promises  eas¬ 
ier  administration,  tighter  security  and  an 
enhanced  addressing  scheme  over  IPv4, 
the  Internet’s  current  protocol. 

Moonv6  participants  say  they  successfully 
tested  QoS,  firewalls,  mobile  IPv6,  DNS  and 
routing  protocols.The  Moonv6  participants 
also  tested  the  performance  of  IPv6  over 
high-speed  10G  bit/sec  links. 

Ben  Schultz,  who  oversaw  the  testing  as 
managing  engineer  at  the  UNH  Interop¬ 
erability  Laboratory,  says  the  results  indi¬ 
cate  IPv6  is  clearing  hurdles  for  adoption. 

“We  were  able  to  demonstrate  that  IFV6- 


ready  firewalls  can  do  what  they  claim  to 
do,”  Schultz  says.  “In  terms  of  QoS,  we 
proved  that  IPv6-capable  routers  could 
allow  different  classes  of  traffic  and  main¬ 
tain  different  priorities. ...  In  terms  of  appli¬ 
cation  testing,  we  demonstrated  IPv6  Web- 
enabled  video  cameras.” 

This  is  the  second  set  of  tests  run  on  the 
Moonv6  backbone.  In  October,  engineers 
succeeded  in  running  FTP  Telnet  and  tele¬ 
conferencing  applications. 

The  network  will  remain  in  place  as  a 
native  IPv6  backbone  available  for  peering 
from  anywhere  in  the  world.lt  will  serve  as 
an  ongoing  testbed  for  industry,  universi¬ 
ties,  research  labs,  ISPs  and  the  U.S.  military 

“The  next  part  of  our  vision  is  to  create  a 
virtual  Internet  backbone  with  the  ability 
to  do  pre-production  IPv6  testing  for  secu¬ 
rity  multimedia  and  roaming  devices,”  says 
Jim  Bound,  chair  of  the  North  American 
IPv6  Task  Force.* 
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The  hidden  costs  of  remote  and  mobile  workers 


The  dramatic  increase  in  bandwidth  to 
remote  and  mobile  users  is  big  news 
for  IT  executives  who  manage  WANs 
and  telecom.  Recent  research  findings 
from  Nemertes  highlight  these  trends:  Not 


only  are  87%  of  workers  now  remote 
(defined  as  being  in  branch  or  remote 
offices  rather  than  headquarters),  but 
remote-access  voice  and  data  services  are 
consuming  an  ever-growing  percentage  of 
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Join  Our  Onstage 
Peer  Croup  Panel 


Exclusive  Expertise  from 
Host  Johna  Till  Johnson 


FREE  EVENT  FOR 
QUALIFIED  PROFESSIONALS 


MODERATOR 

Johna  Till  Johnson 

EXPERTISE,  TECHNOLOGY, 

AND  DEMOS  TO  HELP  YOU: 

►  classify,  secure,  audit  and 
protect  data 

►  monitor,  measure  and  manage 
applications 

power,  heat  and  cool  next- 
generation  data  centers 

►  manage  data  quality  and 
information  lifecycles 

►  strategize  business  continuity 
planning  and  data  recovery 
management 

WHO  WILL  BE  THERE? 


►  Expert  Event  Leaders 

*■  Johna  Till  Johnson,  President,  CRO, 
and  Founder  of  Nemertes  Research 

►  Sandra  Gittlen,  Events  Editor  for 
Network  World 

and  leading  data  center  professionals 
including: 

*  Network  Managers 

►  System  Architects 

*  IT  Executives 

►  CxOs 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  data  center 
products  and  services.  Network  World  Events 
reserves  the  right  to  determine  total  audience 
and  pioftle  of  complimentary  attendees. 

Paid  registration  is  also  available. 
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rid,  blade,  utility  or  cluster  computing:  Are  you  about  to  make  a  costly  misstep? 
Storage  virtualization:  Are  you  ready  for  this  innovative  approach?  Security 
solutions:  Are  you  prepared  for  the  latest  threats? 


In  the  storm  to  consolidate  —  servers,  storage,  apps  —  there’s  never  been  a  more 
important  moment  in  the  management  of  data  centers.  And  there’s  never  been  a  Network 
World  Event  like  Masterminding  the  New  Data  Center  to  meet  the  challenge.  Here’s 
actionable  intelligence  you  can  take  away  and  use  now  to  design,  deploy  and  manage 
your  data  center  to  the  highest  industry  standards. 

You’ll  see  new  technology.  Cain  the  first-ever  results  of  a  Nemertes  Research  benchmark 
study.  And  participate  in  a  fast-paced,  ask-questions,  get-answers  event  unlike  any  other. 

While  attendance  is  free,  access  is  limited  to  professionals  who  reserve  in  advance.  Register 
now.  Reserve  your  place.  And  become  one  of  the  new  masterminds  of  today's  new  data  center. 

Advance  Reservation  by  Qualified  Professionals  is  Required  for 
Complimentary  Attendance 

Register  now  at  www.nwfusion.com/DCS4A2 
or  call  1  -800-643-4668 
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To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D'Amato  at  1  -508-490-6520 
or  adamato@>nww.com  for  free,  no-obligation  information. 
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the  telecom  budget  —  30%  and  more. 

If  that  sounds  like  a  lot,  consider:  A  typi¬ 
cal  firm  might  spend  $50  per  month,  per 
employee,  for  cellular  services,  plus 
another  $50  per  month  for  remote  data 
access  (via  VPN  over  home  DSL  or  cable 
modem,  or  via  virtual  remote  services 
such  as  those  from  iPass  and  Fiberlink). 
Management  of  the  remote  data  services 
might  run  another  $14  to  $20  per  month, 
depending  on  the  size  of  the  organization 
and  sophistication  of  end  users.  Finally, 
employees  might  use  enhanced  mobile 
data  services  at  another  $50  per  month. 

Individually  these  numbers  don’t  sound 
like  much,  but  add  them  up:That’s  $214  to 
$220  per  employee,  per  month,  or  approxi¬ 
mately  $2,600  per  year.  A  company  with 
1,000  mobile  workers  could  therefore  eas¬ 
ily  spend  upwards  of  $2  million  annually 
on  remote  and  mobile  services.  Because 
the  typical  WAN  budget  is  on  the  order  of 
$4.9  million,  remote  voice  and  data  would 
make  up  40%  to  50%  of  such  budgets. 

The  catch  is  that  companies  often  don’t 
count  these  costs.  Often,  RIM  and  cellular 
services  are  expensed  to  business  lines, 
which  hides  the  cost  in  general  travel  and 
entertainment  figures.  This  is  particularly 
true  when  employees  are  paid  a  stipend 
for  cellular  services,  rather  than  being  part 
of  a  company-wide  contract.  Moreover, 
although  many  companies  ask  employees 
to  pay  for  their  own  Internet  access,  most 
companies  don’t  recognize  the  cost  of 
managing  Internet  VPN  services  (the  $14  to 
$20  per  month  mentioned  earlier).  Often 
this  cost  is  unbudgeted: The  IT  department 
works  yet  longer  hours  or  postpones 
important  projects  to  answer  help  desk 
calls  from  frustrated  users. 

But  hidden  costs  still  matter.  How  can  an 
IT  executive  get  a  handle  on  these  costs 
and  reduce  them  as  much  as  possible? 

The  first  step  is  to  recognize  they  exist. 
Conduct  a  company-wide  audit  to  uncover 
hidden  telecom  expenditures.  Who’s  using 
them,  and  why? 

Consider  consolidating.  Could  one  com¬ 
pany  provide  cellular  and  mobile  data  ser¬ 
vices?  Could  your  current  data  providers 
also  offer  remote  Internet  access?  Over 
time,  mobile  and  cellular  rates  are  expect¬ 
ed  to  drop  as  technology  improves  and 
local  number  portability  lets  users  “price 
hop”  for  better  rates,  so  consolidation 
could  make  sense.  But  keep  in  mind  that 
even  when  such  consolidated  services  ex¬ 
ist  on  paper,  the  telco  provider  might  not 
be  able  to  offer  consolidated  billing,  pric¬ 
ing  or  account  management  yet  —  typical¬ 
ly  the  wireless,  Internet  and  mobile  data 
services  are  separate  lines  of  business  with¬ 
in  the  provider. 

Above  all,  keep  track  of  these  “hidden" 
costs,  because  disciplined  effort  can 
reduce  them. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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End-to-End  SAN  Monitoring 


Reduces  Finger  Pointing,  Increases  Application  Performance 


When  application  performance  isn't  up  to  snuff,  a  company’s  entire  operation 
can  suffer.  Internally,  users'  productivity  may  decline  while  customers  trying  to 
access  externally-facing  systems,  such  as  sales  ordering  and  customer  support 
applications,  may  give  up  in  frustration,  losing  the  company  sales.  Within  the  IT 
department,  finger  pointing  among  application  and  storage  area  networking  [SAN] 
staffs  who  lack  the  proper  management  tools  can  hinder  problem  resolution. 


SAN  managers,  in  particular,  face  the  challenge 
of  trying  to  get  an  overall  view  of  SAN  performance 
from  the  disparate  management  tools  provided  by 
SAN  component  vendors.  Individual  tools  can  give 
a  manager  performance  information  about  the 
managed  component,  such  as  a  disk  array  or  a 
SAN  switch.  However,  there’s  no  way  to  correlate 
performance  data  from  all  the  individual  devices  to 
get  a  picture  of  end-to-end  performance  across 
the  entire  SAN  fabric.  Without  the  big  picture, 
managers  may  mis-identify  the  root  cause  of  a 
problem.  This  can  lead  to  investments  in  additional 
equipment-a  costly  solution  that  often  doesn't  solve 
the  original  problem. 

Consider  a  typical  problem  that  happens  in  a 
classic  setting,  such  as  a  hospital.  In  this  scenario, 
the  SAN  manager  received  alerts  from  his  switch 
management  package  that  utilization  on  key  links 
was  approaching  the  links’  maximum  capacity.  By 
the  time  he  determined  which  servers  and  applica¬ 
tions  were  involved,  the  usage  spike  had  ended. 
The  SAN  manager  had  no  way  of  recording  or 


replaying  this  event,  and  no  way  to  look  at  other 
SAN  variables  that  may  have  been  impacted  during 
the  usage  spike.  His  attempt  to  correlate  data 
from  his  various  SAN  management  tools  proved 
impossible  as  each  tool  reports  the  data  differently. 

Realizing  that  poor  performance  could  have  seri¬ 
ous  consequences  for  patient  health  care  -  for 
example,  making  it  difficult  for  surgeons  to  down¬ 
load  the  scans  needed  for  a  patient’s  medical 
procedure  -  the  SAN  manager  began  looking  for  a 
more  comprehensive  SAN  management  tool.  He 
selected  NetWisdom  from  Finisar  for  its  ability  to 
monitor  SAN  operation  end-to-end,  including  the 
tracking  of  individual  application  “conversations,” 
and  to  provide  detailed  performance  data  for  the 
SAN  fabric  in  a  consistent,  easy  to  interpret  format. 

NetWisdom’s  ability  to  monitor  accurate  applica¬ 
tion  response  times  and  capacity  rates,  latency 
experienced  through  the  SAN,  link  utilization,  and 
Fibre  Channel  and  SCSI  errors  enabled  the  SAN 
manager  to  quickly  identify  and  resolve  both  intermit¬ 
tent  and  more  persistent  problems.  He  began  by 

setting  triggers  to 


Max  Read  Exchange  Completion  Time  vs.  Capacity 


This  chart  shows  the  effect  of  Max  Read  Exchange  Completion 
times  when  capacity  is  high. 


Capacity  %  and  Max  Read  ECT  (ms) 
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this  operation  was  between  1  and  50  ms.  He 
knew  that  the  degradation  in  the  application’s 
performance  caused  by  congested  links  could 
have  a  significant  impact  on  users,  depending  on 
the  application. 

Armed  with  this  information,  the  SAN  manager 
was  in  a  position  to  consult  with  colleagues  to 
determine  the  most  cost-effective  and  efficient 
means  to  improve  SAN  performance.  Rather  than 
invest  in  SAN  switches  and  storage  arrays,  this 
group  was  able  to  re-balance  application  loads 
across  servers  and  shift  non-critical  application 
processing  and  tape  backup  to  off-peak  times. 


Without  the  big  picture, 
managers  may  mis-identify  the 
root  cause  of  a  problem. 


notify  him  when  access 
times  exceeded  certain 
thresholds  or  key  events 
occurred  and  to  record 
those  events  for  later 
review.  For  example,  in 
order  to  understand 
how  link  utilization  was 
impacting  application 
reponse  times,  he  set 
a  trigger  to  take  a  two 
minute  recording  every 
time  utilization  on  key 
links  exceeded  80%  of 
capacity. 

As  captured  in  this 
screen  shot,  he  discov¬ 
ered  that  during  periods 
of  high  usage,  the 
Max  Read  Exchange 
Completion  Time  (ECT] 
for  LUN  6B  through 
path  14aA  and  path 
3bA  hit  770.996  ms. 
Based  on  earlier  moni¬ 
toring,  NetWisdom  indi¬ 
cated  that  "normal”  for 


As  a  monitoring  tool  operating  across  the  SAN 
fabric,  regardless  of  vendor,  NetWisdom  gives  SAN 
managers  visibility  across  the  entire  SAN.  Using  a 
hardware  probe  approach  to  gather  statistics 
offers  the  most  complete  performance  analysis 
available  compared  to  software  only  monitoring 
approaches.  Its  fully  distributed  architecture  allows 
managers  to  place  probes  in  key  locations  around 
the  SAN.  Probes  operate  at  line  rate  to  perform 
real-time  monitoring  of  individual  SAN  end-device 
conversations. 

Specifically,  NetWisdom  tracks  key  SAN 
metrics  such  as  application  transaction  times  and 
capacities  at  the  link  level,  as  well  as  such  statis¬ 
tics  as  minimum,  average,  and  maximum  response 
times.  Managers  can  monitor  transactions  at  the 
initiator/target  level,  configure  alarms  and  notifica¬ 
tion  mechanisms,  record  and  play  back  statistics 
during  events,  and  perform  run-time  comparisons 
and  custom  reporting  of  a  comprehensive  list  of 
Fibre  Channel  and  SCSI  metrics. 

With  this  comprehensive  data,  SAN  managers 
can  easily  identify  problem  areas  and  perform  trend 
analysis.  Better  insight  into  the  SAN's  performance 
translates  into  less  finger  pointing,  quicker  problem 
resolution,  and  more  efficient  use  of  SAN 
resources.  The  bottom  line  for  companies  is 
improved  application  performance  and  SAN  uptime, 
which  translates  into  greater  user  productivity  and 
higher  customer  satisfaction. 


Sponsored  by  - 


F i  n  is  a  r 


The  ultimate  in  SAN  LAN  Performance  Tools 


For  more  information  visit  Finisar  at  www.finisar.com 
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enterasys 

Networks  that  Know 


These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone. 
Employees,  customers,  and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  wfiat  each  of  them  can 
and  can’t  access.  Until  now,  you  had  to  do  this  manually. 

Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with  a 
unique,  policy-based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their  roles.  The 
network  “sees”  who  the  user  is  and  assigns  privileges  accordingly.  This  improved  control  also  gives  you  more  security 

It’s  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  at 
networksthatknow.coni/ Baylor.  Or  ask  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 


Service  Providers 
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here  are  still  opportunities  to  make  a  better  deal 


a  3Y  TIM  GREENE 

Network  equipment  maker  Logitech  was  looking  for 
a  new  WAN  provider  because  it  was  dissatisfied 
with  its  existing  one. 

“We  were  spending  too  much  time  managing  Equant,” 
says  Pierre  Monnier,  CTO  for  the  equipment  maker. 

So  the  company  put  its  WAN  contracts  out  to  bid  with 
an  RFP  that  described  its  needs  but  left  latitude  for  carri¬ 
ers  to  use  whatever  technologies  and  services  they  felt 
would  work  best. 

The  bid  they  accepted  from  Global  Crossing  con¬ 
verged  four  networks  —  voice,  data,  video  and  back-up 
data  —  into  one, yet  costs  about  the  same  as  the  old  net¬ 
work  and  increases  bandwidth. 

“It’s  changed  the  landscape  for  what  we  can  do  on  the 
network,”  Monnier  says. 

Driven  by  dissatisfaction,  he  discovered  what  other  busi¬ 
nesses  and  industry  observers  know: Turmoil  in  the 
telecommunications  industry  has  created  opportunity  for 
bargain  hunters. 

“These  days,  if  you  go  to  a  major  carrier  with  a  lower 
competitive  bid  they  will  reduce  your  [bill]  by  a  whole 
lot  —  20%  at  least  by  a  major  carrier,”  says  David  Rohde, 
a  senior  analyst  with  TechCaliber. 

The  reasons  for  this  opportunity  include  excess  capac¬ 
ity  in  some  networks  because  of  overbuilding  in  the  late 
1990s,  hungry  competitive  carriers  freshly  emerged  from 
bankruptcy  reorganization,  and  the  crossover  of  tradi¬ 
tional  local  carriers  into  long-haul  markets  and  vice 
versa,  which  creates  more  competition. 

This  has  resulted  in  pricing  plateaus  for  voice  and  sub- 
T-l  data  lines  that  aren’t  expected  to  take  an  uptick  until 
next  year,  according  to  Gartner.  It  also  means  declining 
prices  forT-1  and  above  circuits  that  will  last  for  at  least 
the  next  two  years,  Gartner  says. 

Examples  abound 

Customers  have  been  lured  away  from  major  carriers 
purely  by  the  aggressive  pricing  of  hungrier  competitors. 
Genex.an  insurance  case-management  firm  in  Wayne, 
Pa.,  upgraded  its  routers  and  switched  over  from  a  Sprint 
frame  relay  network  to  a  Broadwing  frame  relay  service 
two  years  ago  because  it  cost  one-third  what  Sprint 
charged,  says  Victor  Yepello,  Genex’s  manager  of  network 
services. 

“Sprint  was  fine,”  he  says.” [Broadwing]  came  with  such 
a  good  deal  we  had  to  look  at  it." 

Within  the  past  year,  Broadwing  came  at  Genex  again 
with  a  proposal  to  switch  to  its  flat-rate  private  line  ser¬ 
vice  called  MultiConnect.  It  trimmed  another  25%  — 
about  $600,000  —  from  Genex’s  annual  bill  of  about 
$2.5  million, Yepello  says. 

Sprint  remains  as  Genex’s  back-up  data  carrier  and 
supplies  wireless  services  for  the  company’s  laptops, 
Yepello  says. 

He  is  following  a  strategy  that  TechCaliber’s  Rohde  and 
others  advocate. 

To  get  the  best  deals,  customers  must  give  at  least 
some  of  their  business  to  a  second  carrier  that  prices 
aggressively  and  then  will  be  hungry'  to  earn  more  of  the 
business  with  more  aggressive  bids,  Rohde  says.This  is 


Telecom  negotiation  tips 

•  Do  not  go  beyond  a  three- 
year  contract. 

•  Include  termination 
clauses  for  continued  poor 
service. 

•  Aggregate  spending  into 
one  large  contract  to  draw 
more  bids. 

•  Only  commit  to  80%  of 
projected  spending. 

•  Include  yearly,  downward- 
only  price  adjustments. 

•  Include  renegotiation  clauses  if  your  business  takes 
a  downturn. 

•  Include  technology  upgrade/change. 

•Assure  latest  technology  will  be  used. 

SOURCE:  GARTNER 


enough  to  prod  even  the  top-tier  carriers  to  make  con¬ 
cessions. “None  of  this  works  if  you’re  100%  with  one  car¬ 
rier,”  he  says. 

AT&T  last  year  said  it  was  reluctant  to  get  into  a  price 
war  with  smaller  carriers,  but  has  changed  its  tune. 

“Right  now?  Much  less  so,”  Rohde  says.“They  don’t  need 
to  meet  the  very  aggressive  bids  of  the  others,  but  they 
come  down  a  long  way  toward  it,  more  than  meet  you 
halfway’ 

Sprint  already  had  been  bidding  in  this  way  he  says, 
and  because  of  its  financial  worries,  MCI  has  been  even 
more  so,  including  international  private  lines  that  are 
about  one-tenth  that  of  AT&T. 

Others  follow  suit 

Incumbent  local  exchange  carriers  (ILEC)  —  the  for¬ 
mer  Bell  companies  —  are  likely  places  to  look  for  long¬ 
distance  bargains  as  they  try  to  bull  their  way  into  that 
market.  Similarly  the  interexchange  carriers  (IXC)  are 
cutting  good  local  deals,  says  Jay  Pultz.an  analyst  with 
Gartner. 

But  expect  growing  pains. 

“The  ILECs  and  the  IXCs  are  new  to  [these  other]  ser¬ 
vice  areas;  distressed  [carriers]  and  Tier  2/3  [carriers] 
represent  higher  financial  risks,”  he  says. 

“[ILECs]  very  often  are  the  fourth  bidder, and  they  are 
making  very  aggressive  bids  like  you’d  see  from  Global 
Crossing  or  Broadwing,”  Rohde  says. 

Competitive  local  exchange  carriers  (CLEC)  just  out 
of  bankruptcy  reorganization  —  there  are  more  than  50 
of  them  —  are  also  a  likely  place  to  get  attractive  bids, 
says  Probe  Group,  but  customers  have  to  evaluate 
whether  they  will  be  around  for  the  long  term  and  plan 
accordingly. 

“More  consolidation  will  need  to  take  place  in  order 
to  give  the  remaining  CLECs  more  scope  and  financial 
health,” says  Linda  Starr,  Probe’s  vice  president  for  U.S. 
carrier  research.“Mergers  will  take  place,  most  likely  in 


the  form  of  bigger  CLECs  making  stock  transactions  for 
smaller  players.” 

Taking  advantage  of  these  opportunities  means 
keeping  an  open  mind,  Logitech’s  Monnier  says. 
When  it  came  time  to  abandon  the  Equant  frame 
relay  service,  he  was  open  to  all  alternatives, 
including  Multi-protocol  Label  Switching,  ATM 
and  another  frame  relay  proposal. 

But  he  wound  up  with  a  Global  Crossing  private¬ 
line  T-l  network  anchored  by  Cisco  routers  and 
Packeteer  PacketShaper  devices  that  squeezed 
more  traffic  onto  the  links  and  guaranteed  ser¬ 
vice  quality  for  voice  traffic  and  delay-sensitive 
data. The  network  topology  —  four  regional  star 
networks  connected  to  a  central  data  center  as 
opposed  to  fully  meshed  —  was  readily  support¬ 
able  via  a  private  network,  he  says. 

Now  each  site  has  a  T-l ,  up  from  256K  bit/sec  or  as  low 
as  64K  bit/sec. 

Similarly  Genex  converged  its  voice  traffic  on  the  IP 
WAN,  centralizing  the  voice  network  and  generating  sav¬ 
ings  on  voice  maintenance.The  new  network  also  has 
20%  to  40%  less  latency  than  the  former  frame  relay  net¬ 
work,  he  says. 

Negotiations  key 

While  network  efficiencies  and  savings  can  go  hand  in 
hand,  analysts  and  customers  say  diligent  bargaining  is 
key  They  say  amassing  as  much  business  as  you  can  into 
one  contract  will  draw  more  bidders  simply  because  it 
represents  a  larger  prize. 

Get  your  CIO  or  IT  vice  president  on  board  with 
considering  smaller  carriers  before  seeking  bids. 
There’s  no  sense  getting  them  if  they  will  be  rejected 
out  of  hand. 

Award  some  of  your  business  to  a  second  carrier.  It 
might  not  have  an  immediate  effect,  but  it  will  make  for 
more  aggressive  bids  by  the  other  carrier  at  the  next 
contract  renewal  time.  Companies  thdt  merge  should 
leverage  the  fact  that  they  might  merge  their  carrier  con¬ 
tracts  to  stimulate  bidding  competition. 

Be  prepared  for  a  major  overhaul  of  your  network  if  it 
means  savings  and  improved  efficiency 

Swapping  out  frame  relay  carriers  was  a  huge  chore 
for  Genex,  as  was  swapping  that  out  again  for  a  private¬ 
line  service.“It  was  a  lot  of  pain;  it  was  a  lot  of  work,” 
Yepello  says. 

But  the  new  network  gives  the  option  of  lower  toll-free- 
number  bills  because  of  centralized  access  to  the  con¬ 
solidated  VoIP  network.“And  we  can’t  measure  what  it’s 
given  us  in  productivity’ he  says.“There  are  savings  we 
just  can’t  calculate.”  ■ 


More  online! 

Want  to  learn  more  about  MPLS?  Tune  into  our 
IT  Briefing  Webcast.  You'll  get  expert  insight 
from  Edge  Managing  Editor  Jim  Duffy. 

DocFinder:  1126 


Poor  performance 

Carrier  service  and 
support  will  continue  to 
be  unsatisfactory  for 

70% 

of  corporations 
until  2006. 
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■  PRODUCTS,  SERVICES  AND  STRATEGIES 
FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


Video  collaboration  still  slow  to  take  off 


■  BY  JASON  MESERVE 

There’s  no  doubt  personal  videoconfer¬ 
encing  tools  can  enhance  remote  employ¬ 
ees’  communication  and  productivity. 
Video  ties  together  disparate  and  often  iso¬ 
lated  workers  by  letting  physical,  visual 
nuances  shine  through.  Once  cost-prohibi¬ 
tive  and  complex,  today’s  IP-based  systems 
are  making  face-to-face  communications 
available  to  anyone  with  a  $100  Webcam. 

Many  remote  workers  already  rely  on  the 


■  Linksys  has  announced  it  will  add 

Netopia’s  parental  control  soft¬ 
ware  to  its  Wireless-G  Broadband 
Router  with  SpeedBooster.The 

Linksys  Parental  Control  Service  pro¬ 
tects  all  Internet-connected  devices 
across  multiple  platforms.  The  home 
network  administrator  sets  up  individ¬ 
ual  user  profiles,  and  can  manage  and 
monitor  Web  browsing,  e-mail  and 
instant  messaging,  and  enforce  time 
of  day  restrictions.  Linksys  will  offer  a 
30-day  trial  of  the  service,  and  then 
charge  $25  for  six  months,  $40  for  one 
year,  and  $60  for  two  years.  Trend 
Micro  announced  at  CeBit  that 
Accton  Technology,  Zyxel  Com¬ 
munications  and  others  would 
develop  anti-virus,  intrusion-detection 
and  parental  control  applications  tai¬ 
lored  to  their  home  routers  and  gate¬ 
ways  as  part  of  a  subscription  ser¬ 
vice.  Products  are  expected  in  the  fall. 

■  D-Link  Systems  and  (J.S.  Robot¬ 
ics  have  announced  upgrades  to  their 
wireless  network  equipment.  D-Link 
released  firmware  for  Xtreme  G,  its 
Super  G  wireless  network  products,  to 
help  them  interoperate  better  with 
802.11b/g  equipment.  D-Link  says 
Xtreme  G  boosts  network  perfor¬ 
mance  by  45%  in  standard  mode  and 
up  to  144%  in  Super  G  mode.  The 
firmware  is  available  now.  U.S. 
Robotics  announced  a  firmware 
upgrade  to  its  Wireless  Turbo 
equipment  that  will  boost  speeds  from 
100M  bit/sec  to  125M  bit/sec. 


presence  capability  in  instant-messaging 
tools  to  maintain  a  live  link  with  team 
members. Yet  barriers  remain  that  prevent 
video  collaboration  from  taking  hold  in  the 
workplace,  and  early  adopters  are  not  uti¬ 
lizing  it  as  effectively  as  they  could  be. 

Countrywide,  a  financial  services  firm  in 
Calabasas,  Calif.,  is  rolling  out  Arel  Commu¬ 
nications  &  Software’s  Integrated  Conferen¬ 
cing  Platform  (1CP)  to  provide  voice,  video 
and  data  conferencing  services  to  its  4,500 
remote  salespeople  and  branch-office 
workers.  Because  the  firm  plans  to  expand 
to  1 1 ,000  salespeople  by  year-end  2005,  it’s 
driven  to  make  corporate  communications 
and  training  more  accessible,  says  Teri 
Hampton, assistant  vice  president  in  charge 
of  distance  learning  for  Countrywide. 

“[Our]  salespeople  don’t  come  into  a 
branch  facility  or  the  central  office  to  get 
training  and  the  corporate  communica¬ 
tions  that  are  required  for  their  job.  They 
need  to  connect  from  home,  Realtors’  of¬ 
fices  or  wherever  they  are,”  Hampton  says. 

Although  Arel’s  ICP  is  capable  of  two-way 
video,  Countrywide  won’t  use  that  feature 
anytime  soon.  Instead,  it  will  rely  on  Arel’s 
two-way  voice  capability  to  save  the  cost  of 
a  phone  call  into  the  central  bridge,  and 
develop  training  sessions  that  will  be 
broadcast  from  instructor  to  student. 

“We’re  not  doing  two-way  video  [yet] 
because  the  Internet  is  not  great  for  that 
right  nowf  Hampton  says,  noting  that  many 
Countrywide  salespeople  use  dial-up  con- 
nections.“We’l!  probably  be  looking  at  that 
with  some  of  the  video  compression  that 
Arel  is  working  on.” 

Eric  Tveter,  COO  and  executive  vice  pres¬ 
ident  of  MasTech,  a  construction  company 
in  Coral  Gables,  Fla.,  says  videoconferenc¬ 
ing  helps  improve  business  communica¬ 
tions.  Yet  Tveter  says  the  majority  of  his 
video  use  is  personal.  He  uses  SightSpeed’s 
Video  Messenger  to  stay  in  touch  with  his 
young  son  while  on  the  road. 

“As  long  as  1  have  a  broadband  connec¬ 
tion  —  which  a  lot  of  hotels  have  now  in 
every  room  —  I  can  stay  connected  to  my 
famiiy’Tveter  says. 

So  what’s  preventing  wide-scale  adop¬ 
tion?  A  number  of  factors,  both  technical 
and  cultural. 

Bandwidth 

For  video,  bandwidth  can  be  a  three¬ 
headed  monster.  “For  a  basic  1 5-frame-per- 
second  video  call  at  one-quarter  screen 
resolution,  the  Internet  is  a  capable  net¬ 
work,”  says  Christine  Percy,  principal  of 


Bandwidth  pitfalls 

For  every  leg  of  an  IP  video  call,  there  are  potential  bottlenecks 
that  can  degrade  call  quality. 


A  remote  worker’s  typical  DSL  or  cable  connection 
can  handle  only  200K  bit/sec  video  calls  with  1/4 
screen  video.  Two-way,  full-screen,  full-motion 
video  requires  at  least  a  1M  bit/sec  connection. 


Companies’  existing  T-1  lines  are  sufficient  for 
e-mail  and  file  downloads,  but  video  calls  will 
clog  the  connection  (five  simultaneous  200K 
bit/sec  calls  use  1M  bit/sec  of  bandwidth). 


/  ”\ 

Video  calls  conducted  over  the  Internet  often 
suffer  lost  packets  and  reduced  frame  rates. 
While  groups  working  on  Internet  are  con¬ 
ducting  numerous  video  trials,  that  high-speed 
network  is  not  bogged  down  by  spam  and  file¬ 
downloading  traffic. 


Home  office 


Corporate  network 


Ferey  Research  and  Consulting  and  a  10- 
year  user  of  videoconferencing  technol¬ 
ogy.  “I’ve  proven  to  myself  and  many  peo¬ 
ple  that  [the  Internet]  is  suitable  for  certain 
video  experiences.” 

More  problematic  is  the  last  mile  on  each 
end  of  the  connection. The  Telework  Con¬ 
sortium  says  for  video  collaboration  to  be 
effective, T-l-like  speeds  that  support  video- 
conferencing  at  768K  bit/sec  or  better  are 
required.The  group  is  pushing  for  Fiber  to 
the  Home  and  other  high-speed  broad¬ 
band  technologies. 

On  the  corporate  end,  many  firms  use  T-1 
connections  to  the  office,  which  is  ade¬ 
quate  for  e-mail  and  downloads,  but  not 
video.  If  companies  are  serious  about 
video,  they’ll  need  to  invest  in  bigger  pipes 
to  the  Internet,  says  John  Starke,  president 
of  the  Telework  Consortium. 

Companies  that  require  a  quality-of-ser- 
vice  level  can  subscribe  to  a  dedicated 
video  network  such  as  GlowFbint,  where 
each  end  of  the  connection  is  T-1  or  better, 
and  the  central  network  carries  only  video 
traffic. Another  option  is  to  access  (if  possi¬ 
ble)  the  Internet2  research  network,  which 
has  better  connectivity  and  is  unencum¬ 
bered  by  the  daily  grind  of  e-mail,  Web  surf¬ 
ing  and  file  downloading. 

Firewalls  and  NAT 

Many  IP  videoconferencing  technologies 
rely  on  User  Datagram  Protocol  (UDP)  to 
transmit  between  sites.  But  strict  firewall 
implementations  sometimes  block  UDP 
When  the  Telework  Consortium  tried  to 


hook  up  a  video  call  between  the  office  of 
telework  advocate  Rep.  Frank  Wolf  (R-Va.) 
and  a  suburban  telework  center,  Capitol 
Hill’s  IT  staff  prevented  UDP  packets  from 
going  through  for  security  reasons. 

VCON  and  Ridgeway  have  developed 
technologies  that  help  pass  video  traffic 
through  such  barriers.  But  because  corpo¬ 
rate  network  security  practices  are  non- 
negotiable,  the  industry  could  help  spur 
adoption  by  developing  more  network- 
friendly  protocols. 

Network  address  translation  (NAT)  caus¬ 
es  a  related  problem.  NAT,  which  many 
small-office  routers  use  to  provide  multiple 
PCs  Internet  access  via  one  IP  address,  lets 
video  calls  go  out  but  not  come  in. 

Dialing  schemes 

How  to  connect  is  another  challenge.  Do 
you  use  an  IP  address,  e-mail  or  some  other 
sort  of  code?  There’s  still  no  standard  dial¬ 
ing  standard  for  connecting  video  users. 

But  presence  technology  could  remedy 
this.  Many  videoconferencing  firms  are 
integrating  presence  into  their  systems, 
which  lets  a  user  select  a  name  from  a  list 
and  hit  “conference”  to  connect  to  him. 

Camera-shy 

Finally  many  remote  workers  bristle  at  the 
idea  of  being  watched.  The  expansion  of 
consumer-level  video  devices  should  help 
business  users  become  more  comfortable 
with  the  technology  To  ease  into  it,  they  can 
begin  by  using  video  to  chat  with  people 
they  know,  n 
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Policy-managed  connectivity 
that  doesn’t  limit  how 
or  where  they  work. 

Now,  everywhere  is  There. 
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Can  you  guard  your  corporate  network 
without  grounding  your  mobile  workforce? 
With  iPass,  they’re  good  to  go.  The  iPass' 
Endpoint  Policy  Management  service  makes 
sure  users  are  updated  with  the  right  security 
measures  before  they  log  on,  automatically 
finding  and  fixing  problems  on  the  fly.  So 
you  can  stop  worrying,  and  your  workers  can 
keep  working — evcrylhere  they  go. 
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Get  the  iPass  Security 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


802.11k  makes  WLANs  measure  up 


HOW  IT  WORKS 


802.11k 


This  proposed  standard  provides  measurement 
information  to  make  wireless  networks  more  efficient. 
One  such  feature  is  a  site  report,  which  lists  options 
for  mobile  clients  to  roam  to  for  nondisruptive 
connection  transfers. 
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Client 


O  When  the  access  point  determines  that  a  client  connected  to  it  is  moving  away  from  it,  the  access 
point  informs  the  client  to  prepare  to  move  to  another  access  point. 

©  The  client  asks  the  access  point  to  provide  it  with  a  list  of  preferred  access  points  nearby. 

©  The  access  point  responds  with  a  site  report. 

O  The  client  immediately  moves  to  the  channel  of  the  best  access  point  listed  in  the  site  report  and 
connects  to  it.  This  contributes  to  faster  uninterrupted  wireless  service. 


■  BY  DAN  SIMONE 

The  IEEE  802.11  standard  for  wireless 
LANs  enables  interoperability  between  dif¬ 
ferent  vendors’ access  points  and  switches, 
but  it  does  not  let  WLAN  systems  assess  a 
clients  radio  frequency  resources.  Conse¬ 
quently  this  limits  administrators’  ability  to 
efficiently  manage  their  networks. 

As  a  proposed  standard  for  radio  re¬ 
source  measurement, 802. Ilk  aims  to  pro¬ 
vide  key  client  feedback  to  WLAN  access 
points  and  switches.  The  proposed  stan¬ 
dard  defines  a  series  of  measurement  re¬ 
quests  and  reports  that  detail  Layer  1  and 
Layer  2  client  statistics.  In  most  cases,  ac¬ 
cess  points  or  WLAN  switches  ask  clients  to 
report  data, but  in  some  cases  clients  might 
request  data  from  access  points. 

Work  began  on  the  standard  in  late 
2002,  and  the  IEEE  expects  to  ratify  it  next 
year.  Because  802.11k  is  designed  to  be 
implemented  in  software,  existing  WLAN 
equipment  can  be  upgraded  to  support  it. 
For  the  standard  to  be  effective,  both 
clients  (WLAN  cards  and  adapters)  and 
infrastructure  (access  points  and  WLAN 
switches)  will  need  to  support  it. 

Here  are  some  of  the  measurements 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


802. 1 1  k  defines: 

•  Roaming  decisions. 

•  RF  channel  knowledge. 

•  Hidden  nodes. 

•  Client  statistics. 

•  Transmit  Power  Control  (TCP). 

To  improve  roaming  decisions,  access 
points  or  WLAN  switches  can  provide  a  site 
report  to  clients.  The  standard  defines  a 
beacon  request,  in  which  an  access  point 
asks  a  client  to  go  to  a  specific  channel 
and  report  all  the  access  point  beacons  it 
hears.  The  access  point  collects  the  data, 
and  it  or  a  WLAN  switch  will  analyze  the 
beacon  information,  looking  at  details 
such  as  what  services  and  encryption 
types  each  access  point  supports  and  how 
strongly  the  client  heard  the  access  point. 
Then  the  switch  or  access  point  generates 
an  ordered  list  of  access  points,  from  best 
to  worst  service,  called  the  site  report. 

Currently  access  points  and  clients  can¬ 
not  share  channel  information.  With 
802.1  lk,  an  access  point  could  have  a  client 
build  a  “noise  histogram,"  which  will  display 
all  non-802.11  energy  on  that  channel.  An 
access  point  also  can  request  data  about 
channel  load  or  how  long  the  channel  was 
used  during  a  given  time.  An  access  point 
or  WLAN  switch  then  will  know  if  there’s 
too  much  interference  or  traffic  on  a  chan¬ 
nel  to  use  it  for  WLAN  services. 

Hidden  nodes  are  clients  or  access  points 
that  other  clients  or  access  points  cannot 
hear.  In  802.1 1,  nodes  listen  to  the  airwaves 
before  transmitting  to  avoid  collisions. 
When  a  hidden  node  is  present,  multiple 
nodes  can  transmit  simultaneously,  creat¬ 
ing  interference  that  degrades  WLAN  per¬ 
formance.  With  802.11k,  clients  track  hid¬ 
den  nodes  and  access  points  query  clients 
for  those  lists. This  information  tells  access 


points  about  clients  on  the  edge  of  their 
cells.  Access  points  can  use  the  informa¬ 
tion  to  direct  clients  to  access  points  from 
which  they  would  get  better  service. 

Client  statistics  are  limited  today  to  statis¬ 
tics  that  access  points  or  WLAN  switches 
maintain.  Today’s  WLANs  track  items  such 
as  retries,  packets  transmitted  and  packets 
received.  With  802.11k,  access  points  and 
WLAN  switches  can  query  all  clients  to  get 
reports  on  their  statistics.  With  both  data 
sets,  a  WLAN  system  will  have  a  more  com¬ 
plete  view  of  network  performance. 

TPC  was  defined  in  802.1  lh  to  meet  reg¬ 
ulatory  requirements  in  the  5-GHz  band  in 
Europe.With  802.1  lk, it  is  extending  the  use 


of  TPC  procedures  in  other  regulatory 
domains  and  frequency  bands  to  reduce 
interference  and  power  consumption,  and 
provide  range  control. 

Once  ratified,  802.11k  would  help  IT 
build  a  better  WLAN.  IT  will  benefit  from 
improved  control  of  the  airwaves,  and 
users  will  get  consistent  network  access, 
even  when  roaming;  fewer  disruptions  to 
applications;  and  faster  service  as  a  result 
of  improved  WLAN  utilization. 

Simone  is  co-founder  and  vice  president 
of  marketing  and  product  management  at 
Trapeze  Networks.  He  can  be  reached  at 
dan  @trapezenetworks.  com. 


Dr.  Internet  By  Steve  Blass 

How  do  I  copy  a  MySQL  database  from  one  system 
to  another? 

MySQL  provides  replication  features  that  support 
master/slave  database  server  relationships. 
Establishing  an  account  on  the  master  with  the 
replication,  slave,  super,  reload  and  select  privi¬ 
leges  will  configure  the  master  server  to  allow 
slave  servers  to  replicate  the  database  by  issuing 
the  'load  data  from  master’  command.  Before 


replicating  the  database  with  that  command,  you 
will  need  to  execute  a  'flush  tables  with  read  lock' 
command.  Another  method  is  to  make  an  archive 
of  the  database  directories  with  a  Zip  or  Tar  utility, 
and  copy  that  archive  into  the  data  directory  on 
the  other  MySQL  server.  Copying  database  direc¬ 
tories  from  the  MySQL  'data'  directory  from  one 
server  to  another  also  works  across  operating 
systems.  Don't  overwrite  the  'mysql'  database,  as 
it  contains  the  system  user  information  and  pass¬ 


words.  Copying  the  database  from  one  system  to 
another  with  this  method  doesn’t  establish  the 
master/slave  replication  relationships  needed  to 
keep  the  two  copies  synchronized.  The  MySQL 
manual  at  ww.mysql.com/dccumentation/mysql 
offers  more  information. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 
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(FORTUNATELY 

IT’S  LOW.) 


Finally,  the  technology  of  a  supercomputer  at  a  breakthrough  price.  It’s  here  in  our  newest  IBM  eServer  BladeCenter 
server.*  The  BladeCenter  JS20  is  powered  by  the  same  chip  technology  that  drives  some  of  the  world’s  fastest 
supercomputers  -  the  innovative  POWER™  architecture  -  yet  it’s  designed  to  be  affordable.  Very  affordable.  Plus, 
BladeCenter  JS20  servers  thrive  in  both  32-  and  64-bit  environments.  And  when  slipped  into  a  complete  BladeCenter 
system,  voila,  a  single  interface  integrates  your  servers,  network  and  storage.  So  do  what  the  on  demand  world 
demands:  simplify  -  and  advance  -  your  infrastructure.  For  more  information,  visit  ibm.com/eserver/blade 


Get  all  this  only  with  IBM  eServer ™  BladeCenter systems  and  JS20  blades. 


Consolidate  multiple  applications/ 

Run  Linux  in  both  32- 

Proven,  time-tested 

Over  80%  fewer  cables 

Scale  out  (simply) 

workloads  to  reduce  TCO. 

and  64-bit  environments. 

POWER  architecture. 

than  stand-alone  servers. 

on  demand. 
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The  BladeCenter  JS20f  is  powered  by  advanced  POWER 
processor  technology.  (Slide  it  into  the  BladeCenter  system 
and  you’ve  got  the  power  to  advance  your  business.) 


'Operating  system  and  BladeCenter  chassis  sold  separately.'BladeCenter  system  with  generic  blades  depicted  above.  IBM,  the  e-business  logo,  eServer,  the  eServer  logo,  BladeCenter.  POWER  and  PowerPC  are 
trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks 
of  others.  ©  2004  IBM  Corporation.  All  rights  reserved. 
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Technology  Update 


Grokker  groks  searching 


CFARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Last  week,  in  our  final  installment  of 
the  Cascading  Style  Sheet,  Dynamic 
HTML  and  JavaScript  saga  we  made 
a  small  typo:  When  we  discussed  the 
value  “limportant”  we  showed  “p  {font- 
weight:  normal  1  important;}”  as  an  exam¬ 
ple.  That  should  have  read  “...normal 
limportant;}”  —  that  is,  there  shouldn’t 
have  been  a  space  between  the  exclama¬ 
tion  point  and  the  word  “important.’Trivial 
we  know,  but  that  could  well  save  you  a 
major  headache  and  the  trouble  of  writ¬ 
ing  to  us  about  the  error  of  our  ways. 

First  up  this  week,  we  want  to  point  you 
to  a  real-world  use  for  a  product  we  talked 
about  a  few  weeks  ago.  The  product  is 
Xcelsius  from  Infommersion  (see  www. 
nwfusion.com,  DocFinder:  1329)  and  the 
real-world  use  is  an  updated  and  refor¬ 
matted  version  of  Gibbs’  spam  cost 
spreadsheet  (see  www.gibbs.com/msg/). 

This  is  a  great  example  of  using  Xcelsius 
to  deliver  a  powerful  picture  of  complex 
underlying  data,  and  if  you  attend  the  Net¬ 


work  World  Technology  Tour  event, 
Messaging  and  Spam:  From  Chaos  to 
Control,  you  can  hear  about  the  thinking 
and  technologies  that  provide  the  model’s 
background  (for  more  information  on  the 
event,  go  to  DocFinder:  1330). 

Which  brings  us  to  this  week’s  topic:  Web 
search  overload  and  how  to  search  better. 
With  Google  alone  indexing  about  4.3  bil¬ 
lion  pages  out  of  an  estimated  9  billion 
pages,  any  reasonably  popular  topic  you 
are  researching  will  return  more  hits  than 
you  can  easily  deal  with  (for  example,  a 
search  for  “getting  rid  of  ants”  returned 
34,500  hits). To  make  any  sense  of  this  del¬ 
uge  of  data  you  need  help. 

So  we  turn  to  a  browser  add-on  from 
Groxis  called  Grokker2,  a  visual  naviga¬ 
tion  tool  that  provides  an  interface  for 
Web  searches. 

Let  us  digress  and  explain  that  the  name 
Grokker  comes  from  the  invented  term  “to 
grok,”  which  first  appeared  in  Stranger  in  a 
Strange  Land,  a  science-fiction  novel  by 
Robert  Heinlein.  According  to  Heinlein, 
“to  grok”  means  “to  understand  something 
so  well  that  it  is  fully  absorbed  into 
oneself.” 

The  power  of  Grokker2  lies  in  its  ability 
to  automatically  organize  search  results 
and  present  them  graphically  to  make  it 


easier  to  home  in  on  groups  of  relevant 
results  and  ignore  everything  else. 

Grokker2  groups  search  results  in  a  hier¬ 
archy  of  containers  represented  by  circles 
or  squares  (you  can  choose  which  you 
prefer).  The  outer  containers  are  more 
general  than  inner  containers.  The  circle- 
based  representation  is  visually  appealing 
and  watching  Grokker2  build  an  image  is 
rather  like  watching  some  kind  of  a  colo¬ 
nial  protozoan  reproducing  under  a 
microscope. 

Clicking  in  a  category  (shown  by  a  circle 
or  square)  zooms  in  to  show  the  items 
that  can  be  sub-categories  or  URLs  (sub¬ 
categories  and  URLs  can  be  in  multiple 
categories).  Clicking  outside  a  category 
zooms  you  out  to  the  level  above. 

The  presentation  is  color-coded  and  you 
can  filter  for  specific  text,  by  ranking,  by 
domain  (such  as  commercial,  network  or 
nonprofit  —  this  depends  on  the  domains 
that  Grokker2  identifies),  and/or  by 
source  (individual  search  services). 

The  search  results  are  collected  from 
“the  Web”  (a  selection  of  general  search 
engines,  including  MSN,  AltaVista,  Teoma, 
Fast,  WiseNut  and  Yahoo),  Google,  Amazon 
or  your  local  files  (which  rely  on  the 
Windows  indexing  service). 

The  default  Grokker2  interface  consists 


www.nwfusion.com  j 


of  two  main  panes:  the  Zooming  Space, 
which  displays  the  graphical  presentation 
of  the  search  results,  and  the  Browsing 
Space,  an  embedded  Internet  Explorer 
control  that  displays  the  currently  select¬ 
ed  result  in  the  Zoom  Space. 

At  the  top  of  these  these  panes  are  con¬ 
trols  in  which  you  enter  search  terms  and 
configure  the  presentation  and  filters  to 
constrain  the  results  at  the  bottom.  You 
also  can  have  Grokker2  display  just  the 
Zoom  Space  or  just  the  Browsing  Space 
and  optionally  hide  or  show  the  filters 
and  controls. 

Grokker2’s  presentation  of  search  results 
is  extremely  effective,  providing  an  effi¬ 
cient  way  to  focus  on  useful  results.  It  lives 
up  to  the  concept  of  “grokking”  very  well. 
Our  only  complaints  are  that  the  product 
uses  up  an  enormous  amount  of  memory 
(80M  to  130M  bytes,  depending  on  the 
size  of  the  search  results)  and  lots  of  CPU 
time  to  organize  the  results.  Grokker2  also 
doesn’t  support  any  kind  of  export  or 
printing  of  results,  but  the  company  has 
announced  a  Professional  version,  due 
later  this  year, so  maybe  our  wishes  will  be 
granted.  Or  grokked. 

Deep  understanding  to  gearhead@gibbs. 
com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


CTIA  focuses  on  picture  phones 


New  cell  phones  were  the  name  of  the  game  at  the 
annual  Cellular  Telecommunications  &  Internet 
Association  show,  held  this  year  in  Atlanta. While  noth¬ 
ing  earth-shattering  came  out  of  this  year’s  show, cell  phone 

makers  continue  to  add  more 
features  to  their  devices, 
carriers  continue  to  up¬ 
grade  their  wide-area 
wireless  networks, 
and  accessory 
makers  contin¬ 
ue  to  churn 
out  acces- 
sories. 


Nokia  and 
Kyocera 
camera 
phones  get 
high  marks 


Here’s  a  look  at  what  we  liked  this  year: 

Here  come  the  megapixels  —  Camera  phones,  consid¬ 
ered  by  many  as  an  oddity  last  year,  continue  to  remain 
hot.  Almost  every  phone  maker  was  showing  off  at  least 
one  new  model  that  contained  a  1.3-megapixel  sensor.  I 
was  impressed  with  the  Sony  Ericsson 
S700  (includes  a  swivel  design  to 
open  the  phone),  Nokia  7610  and 
Kyocera  Wireless  Koi  models. 

Other  camera-related  features  be¬ 
ing  added  to  phones  include  built-in 
flash  and  zoom  lenses,  all  in  the  inter¬ 
est  of  taking  better-quality  photos. 

But  one  company  I  spoke  with,  Sozo- 
Tek,  said  the  issue  of  increasing 
megapixels  on  camera  phones 
won’t  improve  image  quality  to 
the  point  where  consumers  are 
happy  with  the  images.  Poor 
lenses,  low  light  and  flashes  that 
don’t  do  much  except  drain  bat¬ 
tery  life  and  are  more  responsible 
for  bad  camera  phone  images  than 
are  the  quality  of  the  sensor,  Sozo- 
Tek  officials  said. The  wireless  imaging 
company  has  come  up  with  technology 
that  improves  images  at  the  network  level 
instead  of  in  the  phone. The  company  is  aiming 
to  sell  this  technology  to  wireless  carriers  that 
want  to  offer  customers  ways  to  improve  their  Plantronic's  headset  fea-  Shaw  can  be  reached  at  kshaw@nww. 
camera  phone  images.  fures  hours  of  talk  com.  More  product  details  from  the  CTIA 

Bluetooth  headsets  galore — While  Bluetooth  me  an  a  s®  r  MPpiece.  sfjOW  wffl  pe  highlighted  in  the  Wireless 

as  a  wireless  method  might  be  struggling  elsewhere,  it’s  Computing  Devices  e-mail  newsletter.  Go  to  www.nw 
going  like  gangbusters  in  the  world  of  mobile  phone  fusion.com  to  sign  up  for  free. 


headsets.  Plantronics  and  Jabra  announced  new  models 
of  their  Bluetooth  headsets,  showing  a  diversification  of 
the  market  for  different  price  ranges. 

Plantronics  launched  the  entry-level  M2500  headset, 
with  features  such  as  five  hours  of  talk  time,  120  hours  of 
standby  time  and  a  softer  earpiece.  Jabra  launched  the 
BT110  (entry-level),  the  BT800  (high-end  model  that  uses 
a  digital  signal  processor)  and  BT500  (upgrade  of  the 
BT250,  and  30%  lighter)  models.  Jabra  also  made  an 
improvement  to  its  Bluetooth  adapter,  the  A210,  which 
lets  owners  of  non-Bluetooth  phoneS  use  the  Bluetooth 
headsets. With  few  cell  phone  makers  offering  Bluetooth-- 
enabled  cell  phones  for  U.S.  users,  an  adapter  might  be 
what  we  need  to  help  cut  the  cord  and  get  us  to  use  our 
headset  more. 

Better  keypad  input  —  At  a  Demo  show  a  few 
years  ago,  Digit  Wireless  came  out  with  a  keypad 
(the  Fastap)  that  makes  it  easier  to  type  in  letters 
and  numbers  (you  use  the  space  between  the 
numbers  and  a  series  of  raised  keys  to  accomplish 
this). The  company  announced  at  this  year’s  show 
a  deal  with  Telus  Mobility  and  LG  Electronics  to 
bring  out  the  world’s  first  Fastap-enabled  cell 
phone.  While  the  phone  initially  will  be  available 
only  in  Canada,  it  bodes  well  for  Digit  Wireless 
as  it  aims  to  rid  the  world  of  the  “tap  tap  tap 
to  get  one  letter”  syndrome  when  sending 
text  messages. 
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OH  TECHNOLOGY 

John  Dix 

Getting  virtual 
with  VMware 

EMC’s  $635  million  purchase  of  VMware  left  many 
people  asking, VM  who?  But  when  you  take  a  closer 
look  at  VMware  you  get:  one,  an  interesting  look  at  a 
server  virtualization  architecture  that  meshes  with  the 
emerging  data  center  model;  and  two,  a  better  idea  of 
EMC’s  grand  plan. 

The  6-year-old  company’s  claim  to  fame  is  a  run-time 
layer  called  ESX  that  sits  on  Intel  metal  and  makes  it  possi¬ 
ble  to  support  multiple  operating  system/application  stacks 
on  the  same  machine.“Basically  we  decouple  software 
from  hardware,” says  Edouard  Bugnion,  co-founder  and 
chief  architect. 

ESX’s  benefits  really  shine  when  migrating  from  one  OS 
to  another,  integrating  computing  environments  or  consoli¬ 
dating  servers.  Regarding  the  latter,  ESX  helps  companies 
contend  with  the  explosion  of  data  center  devices  that  has 
resulted  from  the  habit  of  deploying  one  box  for  every  ser¬ 
vice,  even  if  each  box  is  only  running  at  15%  to  20%  of 
capacity  VMware  customers  are  putting  in  four-  or  eight¬ 
way  Intel  servers,  loading  ESX  and  migrating  over  existing 
OS/application  stacks, some  times  realizing  20x  consolida¬ 
tion,  Bugnion  says. 

But  where  it  gets  interesting  is  when  you  combine  ESX 
with  VMware  s  management  console,  server  provisioning 
tool  and  a  new  technology  called  VMotion  that  has  been 
shipping  for  a  quarter. VMotion  lets  you  move  live, stateful 
applications  between  environments  or  machines  providing 
you  have  ESX  on  both,  they  share  storage,  and  the  source 
and  destination  are  on  the  same  subnet. 

So  in  a  blade  server  environment  using  VMware  tools,  if 
you  detect  a  server  loading  problem  you  can  slide  in  a 
new  blade,  configure  the  blade  and  migrate  running 
OS/applications  without  taking  down  the  original  server. 

That’s  possible  because  the  OS/app  stack  are  encapsul¬ 
ated  and  the  CPU,  memory,  disk  and  NIC  are  all  virtual. 
Moving  a  4G-byte  virtual  machine  over  a  1G  bit/sec  link 
takes  about  a  minute,  Bugnion  says.“We  keep  sockets  alive 
and  transactions  from  timing  out  by  hiding  latency!’ 

The  upshot  is  you  can  pool  server  resources,  optimize 
workloads  and  eliminate  the  need  to  schedule  hardware 
service  windows  —  the  nirvana  scenario  of  the  new  data 
center.  And  it  gets  better:  The  next  version  of  VMotion  will 
be  policy-based,  meaning  it  all  can  be  automated. 

Of  course,  few  companies  are  in  a  position  to  take  advan- 
kig!  of  this,  but  it  is  where  we  are  heading,  hence  EMC’s 
interest  in  VMware.  Combining  a  virtual  storage  environ¬ 
ment  with  a  virtual  server  environment,  and  then  layering 
on  content  awareness  through  its  acquisition  of  Docu- 
mentum.adds  up  to  a  powerful  EMC  story. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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opinions! 


No  quick  spam  fix 

Regarding  Daniel  Briere’s  column  “Quick  fix  is  no  fix 
for  spam”  (www.nwfusion.com,  DocFinder:  1324):  I 
am  a  small  network  integrator  suffering  from  the 
same  issues  Briere  discusses.The  quick  fix  for  spam 
blocking  has  created  havoc.  My  contention  is  that 
the  ISPs  are  fully  aware  of  blocks  of  IP  addresses  that 
have  been  cut  off  by  services  such  as  AOL,  but  are 
still  selling  them  to  business-class  customers  and 
then  pointing  the  finger  at  AOL  for  blocking.  While 
everyone’s  pointing  fingers,  my  customers  have  no 
service  to  specific  Internet  users. 

Kimberly  Secor 
Business  development  manager 
Electronic  Office 
Asheville,  N.C. 

Daniel  Briere  is  dead  right  when  he  says  that  quick 
spam  fixes  are  interfering  with  business.  The  biggest 
problem  is  an  innocent  company  can’t  talk  to  any¬ 
one  that  can  solve  the  problem.  Denial  is  the  word  of 
the  day  at  Road  Runner.  The  calls  to  the  “help  desk” 
just  produce  more  frustration. 

Briere’s  two  ISPs  should  stop  delivering  Road 
Runner  e-mail  to  their  customers  the  next  time  Road 
Runner  blocks  a  valid  non-spammer.  Tit  for  tat,  as 
they  say  Include  a  nice  communications  failure  mes¬ 
sage  while  they  are  at  it.  Maybe  that  will  get  Road 
Runner’s  attention. 

Jim  Hoel 
IT  consultant 
Atlas  Systems 
Independence,  Mo. 

I  agree  that  Road  Runner  is  not  the  most  clued-in 
ISP;  it  remains  unable  to  terminate  spammers  on  its 
own  network.  However,  if  Daniel  Briere  is  using 

E-mail  letters  to  jdix@nww.  com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


InterNap,  as  he  says,  his  problems  are  bigger  than 
Road  Runner.  ISPs  that  terminate  spammers  quickly 
don’t  end  up  on  blacklists.  But  with  InterNap  hosting 
44  spammers  on  its  system  dating  back  to  late  2002 
(source:  spamhaus.org),  it  is  understandable  that 
other  ISPs  will  block  first  and  ask  questions  later. 

Briere’s  fear  of  a  class  action  suit  is  unfounded, 
though.The  Telecom  Act  says  ISPs  can  take  any  steps 
they  deem  to  be  necessary  to  block  any  “otherwise 
objectionable”  material.  As  I  spell  out  right  in  the 
terms  of  service  on  my  domain  home  pages,  spam 
qualifies  as  objectionable.  Suits  will  seldom  survive 
summary  motion  stage,  given  that  protection. 

Charles  Oriez 
National  Legislative  Committee  member 
Association  of  Information  Technology 

Professionals 
Littleton,  Colo. 

Fixing  bad  research  and  development 

Regarding  Howard  Anderson’s  column  “Why  are  the 
R&D  labs  so  bad?”  (DocFinder:  1325):  Anderson  is 
right  in  that  the  amount  of  maintenance  work  car¬ 
ried  out  under  R&D  budgets  makes  it  easy  to  over¬ 
estimate  the  amount  of  real  new  product  develop¬ 
ment  being  done.This  is  especially  true  in  the  after- 
math  of  post-dot-com  downsizing.  The  network  ven¬ 
dors’  spending  on  R&D  went  up  in  percentage 
terms,  because  the  engineering  teams  for  some  of 
their  products  could  only  be  shrunk  by  so  much. 

The  best  thing  these  organizations  could  do 
would  be  to  create  plug-in  architectures  for  their 
software  and  hardware  products  and  license  them 
on  a  very  low  or  no-royalty  basis.  The  successful 
architectures  will  be  adopted  across  the  industry 
eventually  and  attract  an  ecosystem  of  small  inno¬ 
vative  companies,  all  adding  value,  all  potential 
future  acquisitions. 

Chris  Ebenezer 
London 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  1323 
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DEMO  INSIGHT 

Chris  Shipley 


Innovation  fuels  tech  growth 


i 


f  the  mood  of  more  than  600  technology 
executives,  investors  and  media  mem¬ 
bers  that  gathered  at  Demo  2004  last 
month  is  any  indication,  the  technology 
market  is  on  the  rebound.  After  a  long,  hard 
36  months,  there  is  energy,  excitement  and 
enthusiasm  in  the  mar¬ 
ketplace  again.  But  unlike  the  heyday  of  the 
Internet  boom,  this  exuberance  is  rational,  tem¬ 
pered  with  reality  and  reason. 

There  is  good  reason  to  be  excited.  The  tech¬ 
nology  industry  is  strong.  It  is  poised  for  new 
growth  fueled  by  exciting  innovation.  If  you  study  the  market  cycles 
and  look  at  the  basic  building  blocks  for  product  development  and 
company  building,  it  is  clear  that  the  fundamentals  are  in  place  that 
will  lead  to  a  dynamic,  exciting  and  innovative  marketplace  in  the 
years  to  come. 

Companies  are  moving  judiciously  into  markets,  developing  prod¬ 
ucts  and  technologies  that  are  driven  by  customer  need  and  business 
requirements.  Rather  than  a  rush  to  market,  there  is  a  rush  to  be  rele¬ 
vant  to  customers.  Many  of  the  companies  that  debuted  at  Demo  2004 
launched  their  products  with  key  customers  in  place.These  products 
are  stable,  refined  by  in-market  experience  and  at  work  in  the  world. 
In  turn,  these  quality  products  are  erasing  buyer  cynicism  borne  of 
too  many  unfulfilled  promises  and  so  little  return  on  boom-era  invest¬ 
ments  of  time,  money  energy  and  hope. 

Some  have  argued  that  the  slowdown  of  the  past  36  months  has 


DEMO 2004 


“crushed  one  entire  cycle  of  innovation.”  This  could  not  be  further 
from  the  truth.  Over  the  past  three  years,  Demo  ushered  more  than 
300  innovative  products  to  market.  These  products,  along  with  the 
tempering  of  entrepreneurs  and  technology  adopters,  have  set  the 
stage  for  the  next  wave  of  computing  by  creating  a  broad  set  of  tech¬ 
nology  commodities  and  market  readiness  on  which  to  build  new 
applications  and  businesses. 

What  does  this  next  wave  look  like?  There  are 
clues,  but  there  is  no  true  road  map.  Beyond  the 
promise  of  Moore’s  Law  and  the  laws  of  physics 
and  economics  of  volume,  there  never  has 
been  a  clear  view.  Whether  the  market  is  riding 
irrational  exuberance  or  scuttling  among  the  fallout  of  a  bursting 
bubble,  all  we  can  ever  do  is  keep  on  innovating  in  business  and 
technology. 

You  hold  the  future. You  will  invent  and  innovate.You  will  buy  and 
use  new  products  —  or  you  won’t.Your  adoption  of  technology  will 
encourage  or  defeat  initiatives  that  explore  new  concepts  enabled 
by  the  building  blocks  that  have  fallen  into  place  these  past  few 
years.The  months  ahead  hold  promise  and  change  —  and  we  can’t 
really  tell  what  lies  ahead.  But  one  thing  is  clear:  The  next  wave  has 
begun  to  build.  We  are  at  the  beginning  of  a  new  and  exciting  phase 
of  innovation  that  will  drive  the  economic  cycles  for  the  next  20 
years,  just  as  the  PC  revolution  drove  the  IT  market  in  the  past. 

Shipley  is  executive  producer  of  the  Demo  Conferences  and  a  veter¬ 
an  technology  watcher.  She  can  be  reached  at  chris@cshipley.com. 


The  fundamen¬ 
tals  are  in  place 
that  will  lead  to  a 
dynamic,  exciting 
and  innovative 
marketplace. 


ABOVE  THE  CLOUD 

James  Kobielus 


Federations  are  key  to  Internet  security 


ommon  threats  demand  common  de¬ 
fenses.  E-mail-borne  malware  —  such  as 
viruses,  spam  and  spyware  —  represents 
the  most  serious  threat  to  the  stability  and 
security  of  the  Internet-based  global  economy 
The  Internet  won’t  be  truly  safe  for  e-business 
until  we  have  a  governance  structure  that  can 
effectively  deal  with  these  and  other  cyberthreats  —  specifically  a  gov¬ 
ernance  structure  that  is  multinational,  federated  and  self-policing. 

Security  vendors  realize  their  limitations  and  have  established  com¬ 
munications  channels  for  pooling  intelligence  on  new  attacks  in  real 
time  and  formulating  countermeasures.  However,  most  multi-vendor 
coordination  efforts  still  seem  too  disjointed  to  deal  with  the  steady 
stream  of  new  cyberattacks.  One  disturbing  aspect  of  the  current  ad¬ 
hocracy  is  the  frequency  with  which  different  security  vendors  attach 
different  names  to  the  same  attack.  If  nothing  else,  vendors  should 
establish  a  common  federated  registry  nomenclature  and  procedures 
for  positively  and  unambiguously  identifying  new  malware  species. 

But  much  more  than  a  federated  naming  approach  is  necessary  to 
deal  with  these  threats. Security  vendors  should  be  pooling  all  of  their 
real-time  intelligence  —  including  patterns,  signatures,  alerts  and  filter 
updates  — into  a  common  federated  repository  available  free  to  IT 
administrators  and  users  throughout  the  world. 

The  closest  we  have  to  such  an  all-encompassing  repository  is  CERT. 
Unfortunately,  CERT  isn’t  part  of  the  official  multi-national,  federated 
governance  of  the  Internet.  Rather,  the  operation  is  funded  by  a  single 
nation,  the  U.S.  What’s  needed  is  a  CERT-like  function  that’s  governed 
and  funded  by  a  multilateral  treaty  organization. 

Anti-malware  federations  of  increasing  scope  are  necessary  for  the 
effective  self-monitoring  and  self-policing  of  the  Internet.  One  of  the 
most  noteworthy  trends  discussed  at  the  recent  RSA  Conference  2004 
was  the  growing  number  of  industry  alliances  to  deal  with  various  fed¬ 
erated-governance  aspects  of  the  mail-borne  malware  problem.  At  the 


conference  Microsoft  announced  that  several  anti-virus  vendors  have 
joined  the  Virus  Information  Alliance,  created  last  May  as  a  centralized 
clearinghouse  for  helping  users  find  information  about  the  latest  virus 
threats  affecting  Microsoft  technology  Microsoft  also  announced  the 
formation  of  the  Global  Infrastructure  Alliance  for  Internet  Safety  which 
will  facilitate  rapid  coordination  between  Microsoft  and  ISPs  world¬ 
wide  to  respond  to  malware  attacks.  These  are  worthy  initiatives,  but 
they  only  address  the  security  of  Microsoft  environments. 

Even  more  interesting  was  Microsoft’s  announcement  of  its  Caller  ID 
for  E-Mail  service  specification.This  specification  defines  extensions  to 
the  DNS  that  would  provide  e-mail  recipients  with  greater  certainty  on 
the  identities  of  message  originators,  thereby  facilitating  spam  identifi- 
cation.What’s  most  interesting  about  this  proposal  is  that  it  would  lever¬ 
age  a  ubiquitous,  federated  infrastructure  —  DNS  —  to  address  a  criti¬ 
cal  requirement  that’s  threatening  the  Internet’s  continuing  viability 
And  it’s  not  a  radical  proposal. 

Microsoft  also  called  for  the  industry  to  designate  independent  e- 
mai!  trust  authorities  (1ETA)  to  certify  the  practices  of  high-volume  e- 
mail  senders.The  vendor  did  the  industry  a  great  service  by  suggest¬ 
ing  how  various  bulk-mailer  whitelisting  initiatives  —  such  as 
TRUSTe/ePrivacy  Group’s  Trusted  Sender  program  —  might  figure 
into  a  federated  Internet  governance  structure.  lETAs  should  certify 
bulk-mailers  in  accordance  with  international  standards, and  should 
themselves  be  certified  and  supervised  by  an  Internet  governance 
authority  of  global  scope. 

Federated  governance  structures  won’t  necessarily  make  catching  the 
malware  perpetrators  any  easier.  But  they’ll  speed  collective  response 
by  the  world  community  to  new  cyberthreats  that  seem  to  emanate 
from  both  everywhere  and  from  nowhere  in  particular. 

Kobielus  is  a  senior  analyst  with  Burton  Group,  an  IT  advisory  service 
that  provides  in-depth  technology  analysis  for  network  planners.  He  can 
be  reached  at  (703)  924-6224or  jkobielus@burtongroup.com. 


Anti-malware 
federations  of 
increasing  scope 
are  necessary 
for  the  effective 
self-monitoring 
and  self-policing 
of  the  Internet 
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Opinions 

www.nwfusion.com 

Is  patch  mgmt.  the  best  pro¬ 
tection  against  vulnerabilities? 


Two  industry  insiders  debate  the  best  approach  to  dealing  with  software  flaws. 


Yes,  by  Eric  Schultze 

Patch  management  is  the  optimal  solution  to  protect  computers  against 
known  software  flaws  for  which  vendor  patches  exist.  Third-party  products 
that  attempt  to  correct  these  flaws  solely  through  firewalls,  anti-virus  software 
or  intrusion-prevention  systems  alone  are  not  reliable,  for  several  reasons. 
An  operating  system  or  application  vendor  that  releases  a  patch  is  the  only 
organization  that  truly  understands  the  nature  and  extent  of  the  flaw;  thus,  it  is  best  suited 
to  supply  the  solution.  Many  times  the  patch  corrects  more  items  and  avenues  for  attack 
than  are  known  outside  of  the  vendor,  including  knowledge  supplied  by  the  person(s) 
who  originally  found  and  reported  the  flaw.  Because  the  vendor  has  access  to  the  source 
code.it  can  identify  each  component  of  the  operating  system  or  application  that  might  be 
affected,  and  it  can  update  the  relevant  bits  of  code  to  prevent  the  flaw  in  each  instance. 

In  some  cases,  its  not  generally  known  that  a  patch  for  one  item  —  say,  a  Web  server  flaw 
—  might  also  correct  a  flaw  in  another  area  of  the  operating  system,  such  as  the  desktop 
shell.  In  these  instances,  using  an  IPS  or  firewall  to  correct  the  Web  server  flaw  might  not 
protect  the  other  vulnerable  sections  of  code.  As  noted,  only  the  vendor  knows  the  true 
extent  of  the  flaw,  so  the  vendor  is  best  positioned  to  fix  the  flaw. 

Patches  also  contain  the  latest  versions  of  the  affected  code.  Many  times,  patches  are 
cumulative,  meaning  that  the  latest  versions  of  each  file  contain  all  the  known  security 
fixes.  Applying  a  patch  ensures  that  you’re  running  the  latest  version  of  the  vendor  code, 
fixing  public  and  non-public  security  flaws  in  the  associated  code. 

As  end  users,  we  don’t  know  exactly  what  was  fixed  in  any  given  patch;  therefore,  we  can’t 
adequately  create  alternative  solutions.  Such  solutions  run  a  high  risk  of  hindering  intend¬ 
ed  functionality  and/or  not  completely  correcting  the  flaw  through  all  attack  vectors.  A 
patch,  on  the  other  hand,  is  the  vendor-supported  solution  that  addresses  all  aspects  of  the 
flaw  while  maintaining  intended  functionalityApplying  the  patch  is  the  only  way  to  ensure 
100%  remediation  against  the  reported  vulnerability 
In  short,  a  patch  or  hotfix  is  like  medicine:  It  knows  how  to  cure  the  root  of  the  flaw.Third- 
party  products  might  alleviate  the  pain,  but  they  don’t  cure  the  actual  problem.  But  ensur¬ 
ing  network  security  through  patch  management  is  no  simple  task.  It  requires  diligence 
to  stay  informed  of  available  patches,  test  the  patches  on  non-production  sys¬ 
tems,  deploy  the  patches  to  all  affected  systems  and  validate  that  they  were 
installed  properly.  Automated  patch  management  systems  can  ease  the 
chores  associated  with  keeping  your  systems  up  to  date  and  provide  peace 
of  mind  that  you're  safe  from  associated  vulnerabilities. 

Firewalls,  anti-virus  products  and  IPSs  are  excellent  solutions  for  their 
intended  uses.  But  when  combined  with  patch  management,  they  become  a 
multiple-layered,  defense-in-depth  strategy,  critical  to  keeping  a  network 
secure. 


No,  by  Steven  Hofmeyr 

Currently,  the  most  widespread  means  of  preventing  intrusions  is  patching,  and 
it’s  failing  miserably  The  number  of  security  incidents  reported  to  CERT  has 
grown  exponentially  over  the  past  six  years,  reaching  an  all-time  high  of 
137,529  in  2003,  which  was  also  the  year  that  the  Blaster  and  MS-SQL  Slammer 
worms  caused  widespread  devastation.  Patch  management  seeks  to  address 
these  issues  through  automation  that  lets  patches  be  installed  rapidly  and  without  Hercu¬ 
lean  human  effort.  But  patch  management  is  of  limited  benefit.  Consider  the  following: 

•  Faulty  patches  can  bring  down  critical  servers  and  cost  more  to  an  organization  than 
a  security  breach.  This  is  an  all-too-common  scenario:  An  analysis  by  WireX  Com¬ 
munications  and  Zero  Knowledge  Systems  indicates  that  one-fifth  of  all  new  patches  are 
revised.Hence.it  is  very  risky  to  immediately  deploy  a  patch  without  thorough  regression 
testing  to  make  sure  the  patch  will  not  cause  damage. 

•  Sometimes  vendors  do  not  develop  a  patch  because  they  mistakenly  regard  a  vulner¬ 
ability  as  unimportant  or  they  do  not  have  the  time  and  resources  to  do  so.  As  of  June 
2003,  there  were  19  unpatched  vulnerabilities  in  Microsoft’s  Internet  Explorer.  Many  of 
these  were  serious  and  resulted  in  costly  breaches  and  inconvenience  to  users. 

•  Some  vulnerabilities  cannot  be  fixed  by  patching.  Patch  management  will  not  correct 
vulnerabilities  caused  by  misconfiguration,  such  as  default  settings  that  allow  access  to 
systems  that  should  be  restricted. 

•  Vendors  cannot  develop  a  patch  if  they  are  unaware  of  the  vulnerability  Most  vulner¬ 
abilities  are  discovered  by  non-vendor  third  parties.  Legitimate  researchers  follow  respon¬ 
sible-disclosure  guidelines,  giving  vendors  time  to  develop  patches  before  announcing 
vulnerabilities.  Unfortunately  some  parties  release  vulnerability  information  without 
informing  vendors  beforehand.  In  these  cases,  patch  management  is  useless  because  it 
only  can  protect  against  vulnerabilities  the  vendor  knows  about  well  before  the  attackers. 

•  New  hacker  tools  are  reducing  the  patching  window.  These  tools  let  attackers  auto¬ 
matically  reverse-engineer  a  patch  to  determine  what  was  fixed  and  develop  an  exploit, 
sometimes  within  hours  of  patch  release.  Even  using  patch  management,  deployment 
speed  is  constrained  by  regression  testing. 

There  is  an  effective  alternative  to  patch  management:  host-based  intrusion-pre¬ 
vention  systems  (IPS).  IPSs  that  reside  on  host  computers  monitor  the  behav¬ 
ior  of  running  software  and  block  any  deviations  from  a  profile  of  normal  or 
allowed  behavior,  requiring  no  prior  knowledge  of  vulnerabilities.  IPSs  over¬ 
come  all  the  limitations  of  patch  management:  They  block  attacks  against 
unpatched  vulnerabilities  and  provide  protection  immediately,  so  there  is  no 
window  of  opportunity  for  the  attacker.  Patch  management  is  a  useful  tool  for 
reducing  the  cost  and  time  involved  in  patching,  but  it  is  a  flawed  security  solu¬ 
tion,  that  offers  limited  protection.  For  comprehensive  protection, 
IPSs  are  a  much  better  answer. 


Log  on  to  Network  World  Fusion  to  voice  your  opinion. 
Face-off  authors  Eric  Schultze  and  Steven  Hofmeyr 
will  add  their  thoughts  to  the  discussion. 

DocFinder  1422 


More  online! 


Schultze  is  chief  security  architect  at  Shavlik  Technologies,  a  provider 
of  security  analysis  and  remediation  tools  and  services  to  help  secure 
corporate  networks.  He  can  be  reached  at  eric.schultze@shavlik.com. 


Hofmeyr  is  founder  and  chief  scientist  with  Sana  Security,  a  host-based 
IPS  company.  He  can  be  reached  at  steven.hofmeyr@sanasecurity.com. 
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Apple’s  newest  cat 


OS/X  Panther  10.3  purrs  with  more 
management  savvy 


■  BY  TOM  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

or  a  $149  upgrade  fee,  Apples  latest  OS/X  code  provides  a  boost  in  func¬ 
tionality, VPN  support,  Microsoft  network  compatibility  and  ease  of  admin¬ 
istration,  but  not  a  noticeable  performance  increase. 


The  most  significant  difference  that  we 
found  in  our  testing  between  OS/X  10.2 
(Jaguar)  and  10.3  (Panther)  is  that 
Apple’s  previously  disjointed  manage¬ 
ment  applications  have  been  replaced 
by  one  Server  Admin  application  that 
offers  greater  control  over  most  of  the  sys¬ 
tem.  However,  Xserve  RAID  subsystem 
management  still  requires  an  extra  appli¬ 
cation.  Server  Admin  feels  similar  to 
Microsoft’s  Management  System  (MMS) 
but  lacks  plug-ins  and  multi-server  ad¬ 
ministrative  appeal. 

Several  open  source  applications  have 
been  ported  and  polished  for  Panther. 
Sendmail  is  out,  and  Fbstfix  is  in.  Apple 
also  added  open  source  client  interfaces 
from  the  Cyrus  product  that  include  sup¬ 
port  for  both  Fbst  Office  Protocol  and  In¬ 
ternet  Message  Access  Protocol  mail. 
There  is  also  an  open  source  mail  list 
manager  called  Mailman.  Managing  all  of 
these  elements  collectively  was  quick 
and  simple  using  Server  Admin. 

Apple  also  has  added  integrated  Point- 
to-Fbint  Tunneling  Protocol  and  Layer  2 
Tunneling  Protocol  (L2TP)  support  to 
facilitate  IPSec-based  VPNs.  Lacking  an 


Company:  Apple, 

www.apple.com/macosx/,  (408)  996-1010 
Price:  $995  new,  $149  upgrade  fee  Pros: 
More  astute  management  features;  more 
support  for  open  source  applications. 
Cons:  Some  integration  issues  with 
SAMBA  and  Active  Directory;  some 
rough  edges  still  exist. 


The  breakdown 
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4 

Management/ease  of  use  25% 

4.25 

Scalability  and  redundancy  25% 
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Installation  and  documention  25% 

4.25 

TOTAL  SCORE 

4.0 

Scoring  Key:  5:  Exceptional;  4:  Very  good;  3: 
Average;  2:  Below  average;  1:  Consistently 
subpar 


X.509  server  to  generate  the  VPN  key  ex¬ 
changes  needed  for  dynamic  keys, 
Apple’s  IPSec  implementation  accepts 
only  pre-shared  keys  that  Kame  gener¬ 
ates  and  therefore  lacks  the  appeal  of 
variable-key  infrastructure  in  the  Protec¬ 
ted  Extensible  Authentication  Protocol 
(PEAP)  vein.  Kame  is  an  open  source 
IPSec/IPv6  initiative. 

Because  the  bundled  L2TP  VPN  soft¬ 
ware  doesn’t  support  the  pre-draft  IPSec 
network  address  translation-traversal 
function  that  lets  VPNs  transverse  fire¬ 
walls,  an  Apple  server  running  Panther 
needs  to  be  on  the  Internet  boundary 
perimeter  to  support  L2TP 

Panther  includes  Apple’s  first  distribu¬ 
tion  of  Samba  3.0,  an  open  source  direc¬ 
tory  service  application  that  emulates  a 
Windows  NT  primary  domain  controller. 
This  lets  Windows  and  Macs  use  Apples 
Open  Directory  service  to  perform  many 
of  the  tasks  that  typically  are  completed 
by  a  Windows  Active  Directory  server. 

There  have  been  numerous  initial 
bug/security  fixes  associated  with 
Samba  3.0,  and  despite  several  automatic 
updates  to  the  code,  we  found  a  few 
issues  when  attempting  to  authenticate 
between  Panther/Samba  3.02  and 
Active  Directory. 

For  example,  when  schema  changes 
are  made  to  the  Active  Directory  data¬ 
base,  Samba  began  to  have  authentica¬ 
tion  (and  therefore  additional  Kerberos 
security  problems)  with  Active  Directory- 
based  resources.  Until  this  bug  is  sorted 
out,  we  suggest  that  such  changes  to  the 
Active  Directory  schema  be  performed 
before  adding  the  updated  Panther/ 
Samba  3.02  combination  to  a  network  . 

Apple  has  added  some  fleet  rollout 
capabilities  to  this  revision.  The  first  is 
the  ability  to  build  images  for  Mac 
clients  that  can  be  delivered  from  a 
Panther  distribution  server,  called  Net- 
Boot.  Building  the  images  was  compar¬ 
atively  simple  using  NetBoot  and  the 
new  Network  Image  Utility.  However,  we 
couldn’t  build  unique  software  IDs  for 
distributed  client  applications,  a  prob¬ 
lem  that  has  myriad  work-arounds  in 
the  Windows  world.  Fortunately  many 
Mac  applications  usually  don’t  need 
software  IDs  or  serialization  to  work 
properly  and  legally. 


Another  new  feature  called  Network 
Install  uses  NetBoot  methods  to  roll  out 
applications  and  updates.  It  bundles 
applications  and/or  folders  into  pack¬ 
ages  that  can  be  distributed  in  a  number 
of  different  ways.  Fleet  server  update/ 
rollout  for  Panther  is  managed  on 
Xserve  systems  via  another  new  element 
called  Server  Assistant.  While  not  as 
handy  as  other  server  fleet  distributors 
we’ve  tested,  the  Server  Assistant  is  a 
step  in  the  right  direction  in  terms  of 
having  a  means  of  rolling  out  this  oper¬ 
ating  system  across  a  large  network. 

In  terms  of  security,  Apple  has  made  it 
easier  to  manage  how  files  get  encrypted 
with  the  FileVauIt  file  encryption  soft¬ 
ware  that  comes  bundled  with  its  oper¬ 
ating  system.  Specifically  Apple  has  sim¬ 
plified  how  administrators  control  en¬ 
cryption  authorization,  key  storage  (so 
that  keys  can  be  recovered),  and  key 
generation.  Panther  also  limits  the  en¬ 
cryption  capabilities  to  home  directo¬ 
ries  rather  than  to  application, system  or 
library  root  areas. 

While  we  found  only  nominal  perfor¬ 
mance  increase  —  our  performance 
tests  yielded  nearly  identical  Web-based 


The  features  included  in  the  latest  version 
of  Apple’s  OS/X  -  called  Panther  -  point  to 
the  company's  determination  to  be  taken 
seriously  in  the  enterprise. 


and  disk  I/O  numbers  as  that  seen  with 
OS/X  10.2  tests  (www.nwfusion.com, 
DocFinder:  1322)  —  Panther  shows  a 
determination  on  Apple's  part  to  be 
taken  seriously  in  the  server  operating 
system  market. 


Henderson  is  managing  director  of 
ExtremeLabs  of  Indianapolis.  He  can  be 
reached  at  thenderson@extremelabs. 
com. 


®1  How  We  Did  It 


We  installed  Panther  on  two  Xserve  platforms  that  use  G4  processors. 

All  installations  took  place  over  updated  and  working  OS/X  10.2.6 
Jaguar  installs.  We  tested  the  NetBoot  and  Network  Install  applications 
on  the  Xserve  servers,  and  tested  the  disk  imaging  on  PowerBook  Titanium  G4 
notebooks. 

The  network  infrastructure  consisted  of  a  Gigabit  Ethernet  network  (D-Link 
Systems  and  HP  Gigabit  Ethernet  switches),  Mac  clients  (Mac  G4,  three  Power- 
book  Titanium  notebooks),  several  PCs  (various  HP/Compaq,  Sony  and  Toshiba 
notebooks;  various  desktop  Windows  XP-based  PCs),  two  Linux  devices  (Com¬ 
paq  DL360  G3  servers)  and  a  FreeBSD  server  (whitebox  P4). 

We  tested  Panther  using  Lightweight  Directory  Access  Protocol  database  con¬ 
sisting  of  500  user  profiles  within  a  default  LDAP  schema.  We  deployed  Xserve 
and  Panther  on  an  Active  Directory-based  network  (Microsoft  2003  Enterprise 
Server  running  on  a4-CPU  Compaq  DL-580  network).  We  linked  Panther/Xserve 
to  the  Active  Directory. 

We  also  subjected  the  Panther/Xserve  combination  to  the  same  performance 
regimen  used  when  we  tested  the  Jaguar/Xserve  combination  with  Spirent’s 
WebAvalanche  application  (see  DocFinder  1322).  We  saw  very  little  change 
between  the  two  versions  in  terms  of  the  three  tests  that  we  performed. 

We  also  tested  Panther  with  Apple's  Xserve  RAID  subsystem  and  found  no 
appreciable  performance  changes  in  terms  of  boot  time,  volume  mounts  or 
copies  using  BSD  copy  commands  or  Mac-specific  copy  commands. 
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One  event  puts  you  at  the  core  of  enterprise  networking 


Enterprise  networking  decision-makers  today  must  understand  all 
relevant  communication  technologies,  from  virtual  private  networks 
to  wireless  LANs,  storage  to  security,  applications  to  infrastructure. 
That's  why  SUPERCOMM  remains  the  premier  event  for  private 
and  public  sector  enterprise  leaders. 
Enterprise@SUPERCOMM  features  leading 
exhibitors  showing  a  vast  array  of  enterprise 
technologies.  It  also  includes  a  FREE  educational 
curriculum,  covering  key  enterprise  topics. 


And,  since  enterprise  decisions  encompass  the  total  range  of 
communication  technologies,  we  further  provide  a  window  into  Broadband, 
Converged  Wireless  and  the  entire  Global  Infrastructure.  As  a  result,  in  a  few 
days  or  even  hours,  you  can  get  a  comprehensive  view  of  interrelated 

trends  in  every  area  of  communications. 
Join  the  enterprise  network  leaders  who 
make  SUPERCOMM  a  must-attend  event. 
Take  advantage  of  FREE  registration  and 
surround  yourself  with  solutions. 


SUPERCOMM 


Explore  the  Whole  World  of  Communications 


June  20-24  2004  Exhibits  June  22-24  McCormick  Place  i  Chicago  IL  supercomm2004.com 


SUPERCOMM*  is  a  registered  trademark  of  the  Telecommunications  Industry  Association  (TIA)  and  the  United  States  Telecom  Association  (USTA). 
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A  more  visual  way  to  trace  routes 


Visualware's 
VisualRoute  8.0a 


■  BY  BARRY  NANCE,  NETWORK  WORLD  LAB  ALLIANCE 


Knowing  the  locations  of  IP  addresses  that  access  your  Web  servers,  send 
you  e-mail  or  try  to  steal  your  company’s  confidential  data  can  be  helpful. 
Tracking  a  hackers  address  to  a  location  across  town  —  and  not  North 
Korea  —  suggests  which  law  enforcement  agency  to  notify 


Visualware  says  its  VisualRoute  soft¬ 
ware  graphically  displays  traceroute 
network  path  information,  including 
destination  and  intermediate  hop  loca¬ 
tions  on  a  zoomable  world  map  that 
tells  you  precisely  where  and  how  traf¬ 
fic  is  flowing  between  two  Internet 
nodes.The  company  says  its  highly  visu¬ 
al  network  path  analysis  can  help  net¬ 
work  managers  more  easily  and  pro¬ 
ductively  troubleshoot  network  connec¬ 
tivity  problems. 

VisualRoute  8.0a  (the  company 
recently  released  Version  8.0b)  showed 
that  the  software  is  better  than  a  typical 
command-line  traceroute  utility.  Visual- 
Route  graphs  hop-to-hop  time  intervals 
to  help  identify  network  bottlenecks, 
and  its  Internet  Control  Messaging 
Protocol-based  network  path  informa¬ 
tion  is  accurate  and  runs  on  several 
platforms. However,  its  location  informa¬ 
tion  was  often  incorrect  or  missing,  the 
user  interface  was  sluggish,  its  error 
messages  were  cryptic,  and  it  has  some 
glaring  bugs.  We  also  wished 
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VisualRoute  8.0a 

1  LU 

3.3 

Company:  Visualware,  www.visualwane.com 
Cost:  Personal  Edition  $50,  Server  Edition 
starts  at  $249  Pros:  Useful  response  time 
graphs;  multi-platform.  Cons:  Location 
information  is  too  often  wrong;  sluggish  user  | 
interface. 


The  breakdown 


Trace  accuracy  20% 


Location  accuracy  20% 


Platform  support  20% 


Ease  of  use  20% 


Documentation  10% 


Installation  10% 


TOTAL  SCORE 


3.3 


Scoring  Key:  5:  Exceptional;  4:  Very  good;  3: 
Average;  2:  Below  average;  1:  Consistently 
subpar. 


VisualRoute  could  integrate  with  our 
Web  servers  to  show  where  site  visitors 
were  located  instead  of  having  us  enter 
each  URL  or  address  one  at  a  time  (see 
“How  we  did  it,”  page  48). 

Tracing  our  steps 

VisualRoute  is  Java-based  software 
that  installs  on  Windows,  Mac  OS  X, 
Solaris  and  Linux  platforms.  The  install 
process  put  some  Win32  Dynamic  Link 
Libraries  on  our  hard  drive  and  inserted 
several  entries  in  our  Windows  registry, 
implying  that  VisualRoute’s  architec¬ 
ture,  despite  its  “write  once,  run  any¬ 
where”  Java  underpinnings,  relies  to 
some  extent  on  operating  system-spe¬ 
cific  helper  software  and  might  run  dif¬ 
ferently  on  a  non-Windows  machine. 
The  VisualRoute  Server  version  adds  a 
Web  server  component  (which  lets  you 
use  a  client  computer’s  browser  to 
remotely  access  the  VisualRoute  func¬ 
tions),  and  applications  Ping  Grapher 
and  E-mail  Tracker. 

VisualRoute’s  traceroute  data  accu¬ 
rately  and  graphically  depicted  the 
routers,  switches  and  other  pingable 
connection  points  between  our 
source  node  and  any  remote  site  we 
specified. While  tracing  a  path,  the  tool 
dynamically  listed  the  hops’  identities 
and  response  times,  showed  a  percent 
completed  progress  indicator  and  dis¬ 
played  messages  such  as  “Analysis: 
VisualRoute  can  connect  to  ‘ftp. 
Microsoft.com’, but  had  problems  trac¬ 
ing  the  route.  It  is  an  FTP  server.” 
VisualRoute’s  graph  of  response  times 
and  informative  analysis  messages 
make  it  a  better  route  tracer  than  the 
ubiquitous  command-line  utility. 

VisualRoute’s  location  data  was  cor¬ 
rect  slightly  more  than  75%  of  the  time 
for  domestic  sites,  and  about  50%  cor¬ 
rect  for  overseas  sites.  For  example,  it 
correctly  noted  that  www.times.kg  (The 
Times  of  Central  Asia  newspaper)  is  in 
Bishkek,  Kyrgyzstan.  However,  it  didn’t 
know  that  the  axrOOmsy-7-O-O-l. bell- 
south. net  router  is  in  Mississippi.  In  one 
case,  the  program  got  confused  over  the 
location  of  www.ahram.org.eg  (a  gov¬ 
ernment-controlled  Egyptian  newspa¬ 
per  in  Egypt).  VisualRoute  traced  it  to 
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VisualRoute  draws  data  paths  on  its  global  map  and  displays  traceroute  information  in  a 
table  format. 


Egypt  and  beyond  —  to  the  Nether¬ 
lands.  It’s  actually  in  Egypt,  but  the  ISP 
appears  to  have  offices  in  the  Nether¬ 
lands  (see  graphic, page  46). We’d  prefer 
that  VisualRoute  draw  a  question  mark 
instead  of  an  endpoint  when  it  finds  the 
destination  location  information  is 
missing  or  doesn’t  correspond  exactly 
to  the  destination  IP  address. 

For  more  intensive  diagnosis  of  net¬ 
work  ills, VisualRoute  can  look  for  other 
open  ports  besides  Port  80  (HTTP).  It 
told  us,  for  example,  whether  POP3,  FTP 
Simple  Mail  Transfer  Protocol  or  DNS 
services  were  running  on  a  particular 
server. 

With  a  set  of  mail  headers,  the  E-mail 
Tracker  application  geographically 
locates  an  e-mail’s  sender.  Ping  Grapher 
displays  a  line  graph  resulting  from  a 
series  of  pings  of  a  specific  URL  or  IP 
address.  Another  feature  is  the  Visual- 
Route  Server,  which  is  a  Web  server  that 
lets  users  view  VisualRoute  statistics 
from  their  own  client  computers. 
Security  options  provides  restricted 
access  for  specific  clients. 


The  application  would  be  more  useful 
if  it  obtained  and  displayed  Maximum 
Transmission  Unit  (MTU)  values  from 
the  devices  it  pings.  MTU  values  indi¬ 
cate  the  sizes  of  the  data  pipes  and  thus 
let  you  gauge  the  degree  to  which  pack¬ 
et  fragmentation/defragmentation  will 
occur  in  a  data  path.  VisualRoute  also 
should  have  an  option  to  integrate  with 
Web  servers  (such  as  those  from 
Microsoft,  Netscape  and  Apache),  e- 
mail  servers  and  other  Internet  accessi¬ 
ble  servers  to  show,  in  real  time  and 
without  having  to  type  each  URL,  the 
location  of  a  site’s  users. 

Ease  of  use 

VisualRoute  displays  a  zoomable 
global  map  in  one  window  and  a  table 
of  columns-  (containing  the  route 
trace  data)  in  another.  For  each  hop, 
the  columns  show  IP  address,  node 
name,  location,  time  zone,  response 
time  (in  milliseconds),  a  vertical  line 
graph  of  response  time  and  the  name 
of  the  network  that  owns  the  hop.  The 
columns  update  dynamically  during 
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VisuaiRoute  identified  the  correct  locations  of  the  following  sites. 


Web  site 

Description 

Location 

www.times.kg 

Central  Asia  times  newspaper 

Bishkek,  Kyrgyzstan 

www.irna.ir 

Iranian  news  agency 

Santa  Clara 

www.jihadoniine.com 

Anti-U.S.  Web  site 

Kuala  Lumpur,  Malaysia 

www.tehrantimes.com 

Iranian  government  news 

Arlington,  Va. 

www.aljazeera.net 

Arab  news  site 

San  Francisco 

VisuaiRoute’s  locations  were  wrong  for  several  other  sites. 


Web  site/description 

www.paknews.com  (Pakistan  news) 
www.metimes.com  (Middle  East  news) 
www.ihepeninsuiaqatar.ccm  (Qatar  daily  news) 
www.ahram.org.eg  (Egyptian  newspaper) 
www.ct.gov  (state  of  Connecticut) 
www.fl.gov  (state  of  Florida) 
www.harvard.edu  (Harvard  University) 

each  tracing  operation,  and  VisuaiRoute 
takes  no  more  time  to  perform  a  trace 
than  the  command-line  traceroute 
utility. 

However,  the  user  interface  was  slightly 
sluggish,  especially  when  we  viewed  or 
dismissed  the  Preferences  window,  and 
also  when  we  zoomed  in  or  out  of  the 
map. 

You  can  position  the  map  above  or 
below  the  trace  table,  and  you  can  elim¬ 
inate  the  table  or  map  view.  A  mouse 
drag  can  resize  columns,  and  you  also 
can  hide  specific  columns.  For  any  hop 
or  site  you  click  on,  VisuaiRoute  per- 


VisualRoute  said 

Dallas 
Dallas 
Dallas 
Netherlands 
Boston 

No  location  data 
NewYork 

forms  a  Whois  lookup  and  displays  the 
response.  As  with  the  VisuaiRoute  loca¬ 
tion  data,  the  Whois  information  is  only 
as  accurate  as  the  data  entered  by  the 
sites  or  links  network  administrator. 

The  friendly  traceroute  interface  is  only 
skin-deep  in  places.  When  we  told  its  Web 
server  component  to  use  Port  80,  which 
we  knew  was  already  in  use, VisuaiRoute 
complained  with  a  pop-up  Java  program¬ 
ming  error  message:  “java. net. Bind 
Exception:  Address  in  use  (Port=80) 
(Port=80  maxusers=5  sockets=l).”  Visual- 
Route  also  leaves  the  previous  traceroute 
path  on  the  global  map  while  it  updates 


the  table  columns  with  information  from 
the  current  tracing  effort.  Only  when  the 
tracing  effort  finishes  will  it  erase  the  pre¬ 
vious  path  and  draw  the  next  one.  We  also 
noticed  that  it  got  confused  about  which 
table  entry  our  mouse  cursor  was  point¬ 
ing  to  when  we  clicked  an  entry  to  run  the 
Whois  lookup  or  when  we  used 
VisuaiRoute’s  pop-up  URL  history  selec¬ 
tion  list  box.  We  had  to  click  on  entry 
three,  for  example,  to  get  information  for 
entry  six. 

Installation  was  straightforward.  The 
documentation  consists  of  Adobe  Acro¬ 
bat  PDF  files.  The  help  menu  entries  take 
you  to  Visualware’s  support  Web  site,  let 
you  provide  product  feedback,  take  you 
to  the  VisuaiRoute  home  page,  let  you 
read  some  VisuaiRoute  frequently  asked 
questions,  explain  how  to  purchase  the 
product  (for  trial  users),  let  you  sign  up 
for  the  VisuaiRoute  newsletter  and  display 
the  product’s  version  information.  There 
are  no  tutorials  or  reference  explanations 
for  using  VisuaiRoute. 

The  application  certainly  reveals  more 
information  than  the  command-line 
traceroute  utility.  The  response  time 
graphs  are  useful,  and  the  global  map 
location  information  (when  accurate) 
can  show  you  exactly  where  your  data  is 
flowing  to  or  from.  While  the  location 
information  is  bound  to  become  more 
accurate  over  time,  currently  it  isn’t  very 
reliable. 


Nance,  a  software  developer  and  consul¬ 
tant,  is  the  author  of  Introduction  to 
Networking,  4th  Edition  and  Client/Server 
LAN  Programming.  He  can  be  reached  at 
barryn  @erols.  com. 


®  How  We  Did  It 


Our  testing  aimed  to  see 
whether  VisuaiRoute  could 
solve  network  connectivity 
problems  faster  than  the  command¬ 
line  traceroute  utility  and  be  accu¬ 
rate  in  comparing  the  VisuaiRoute 
analysis  with  traceroute  lists  the 
command-line  method  displays.  We 
also  aimed  to  check  accuracy  of 
VisualRoute's  location  information  by 
talking  to  Web  site  administrators 
(such  as,  “Is  your  site  really  in 
Dallas?"),  and  officials  at  AT &T 
WorldNet,  Level  3  Communications 
and  MCI.  We  also  looked  for  a 
responsive,  intuitive  user  interface 
and  multiple-platform  support. 

We  installed  VisuaiRoute  on  a  Win¬ 
dows  2000  Advanced  Server  machine 
on  our  lab’s  six-segment  Fast 
Ethernet  network.  Each  segment 
consists  of  a  server  and  25  clients,  all 
connected  to  the  Internet  viaT-1  and 
frame  relay  lines.  To  access 
VisualRoute's  Web-based  interface, 
we  used  Internet  Explorer  6.0. 


Actual  site  location 

Nevada 

Nevada 

Miami 

Egypt 

East  Hartford,  Conn. 
Tallahassee,  Fla. 
Boston 


Gaining  Strength, 
Reaching  Farther 

Today  there's  just  one  universal  truth  about  Wireless  LANs:  the  design,  management,  and  buying  decisions  you  make  now  will  determine  the  effectiveness 
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of  your  enterprise  network  for  years  to  come.  Which  is  the  top  reason  to  attend  Wireless  LANs:  Gaining  Strength,  Reaching  Farther,  a  new  Network 
World  Technology  Tour  event.  It  brings  together  the  intelligence,  innovations,  and  solutions  you  need  to  move  confidently  forward. 

Advance  Reservation  by  Qualified  Professionals  is  Required  for  Complimentary  Attendance 
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To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D'Amato  at  1  -508-490-6520  or  adamato@nww.com  for  free,  no-obligation  information. 


Introducing  Raritan's  Dominion  KX. 
Now  KVM  over  IP  is  like  being  there 
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Now  you  can  be  everywhere  you  need  to  be.  Instantly.  Because  now  you  can  access,  diagnose  and  monitor  servers  -  even  the  worst 
server  problems  -  in  any  location  in  the  world  without  ever  leaving  your  chair.  With  Raritan's  19  years  of  innovation  in  the  Data 
Center,  you  now  have  the  newest  and  most  dependable  choice  for  an  integrated  KVM  over  IP  switch:  Dominion  KX.  It's  a  plug-and- 
play  appliance.  It's  incredibly  scalable.  It  works  even  when  your  network  is  down.  And  by  encrypting  all  KVM  data,  including  video, 
KX  provides  the  industry's  most  secure  KVM  over  IP  technology.  It's  the  KVM  option  that  will  make  other  options  obsolete. 

To  schedule  a  test  drive,  call  1-800-724-8090  x925  or  visit  us  at  www.raritan.com/925 


Command 

Center 

J 

Dominion 

KX 

J 

Dominion 

sx 

4 

Dominion 

KSX 

The  KX  Digital  KVM  Switch 
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Raritan's  Dominion™  KX.  Better  KVM  Over  IP. 
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Choosing  a  telecom  consultant 

Do  some  legwork  to  avoid  getting  burned  by  the  consulting  company  you  keep. 


■  BY  RICHARD  LONGVIEW 

From  negotiating  the  next  telecom  contract  to 
selecting  the  new  VoIP  platform,  many  IT  executives 
turn  to  outside  consultants  for  help.  Not  every  en¬ 
gagement  is  successful,  though  many  of  the  prob¬ 
lems  that  occur  can  be  avoided  if  more  time  is  spent 
choosing  and  managing  consultants. 

Whether  you’re  considering  using  a  telecom  consultant  with  little 
experience  or  a  veteran  firm,  what  follows  are  some  guidelines  to  get¬ 
ting  the  services  you  need. 

The  title  of  consultant  is  used  somewhat  generically  in  the  industry 
so  know  what  type  you’re  seeking.The  biggest  risk 
is  bringing  in  someone  who  acts  as  a  representa¬ 
tive  for  a  carrier  or  hardware  provider  when  you 
want  an  unbiased  professional  working  solely  in 
the  best  interest  of  your  business.This  poses  a  con¬ 
flict  of  interest  between  the  consultant  getting  the 
best  deal  on  your  behalf  and  earning  the  highest 
commission. 

There  are  three  types  of  consultants  in  the  tele¬ 
com  industry:  captive,  biased  and  unbiased. 

A  captive  consultant  is  one  who  usually  recom¬ 
mends  or  works  with  one  “preferred"  vendor  for 
client  projects.  For  example,  IBM  has  a  global 
alliance  with  AT&T  and  generally  quotes  AT&T 
network  services  on  projects.  Another  potential 
concern  is  that  IT  consulting  firms  moving  into 
telephony  projects  also  act  as  Cisco  authorized  resellers. 

A  caution  sign  should  light  up  if  you  hear  a  consulting  firm  announce 
a  joint  marketing  or  business  relationship  with  a  vendor  or  carrier.  Peruse 
the  consultancy’s  Web  site  and  press  releases  to  see  if  there  are  arrange¬ 
ments  that  could  affect  the  consultant’s  ability  to  be  independent. 

A  biased  consultant  is  one  who  generally  steers  the  client  to  a  hand¬ 
ful  of  vendors  or  carriers  with  whom  the  consultant  has  a  business 
relationship.  Not  surprisingly,  these  consultants  often  factor  the  best 
commission  rate  for  the  deal  into  their  selection  methodology  A  warn¬ 
ing  bell  should  go  off  anytime  you  hear  phases  such  as, “we  get  paid 
by  the  carriers” or“our  consulting  is  free  to  you.”When  a  vendor  or  car¬ 
rier  Web  site  lists  authorized  consultants  or  marketing  partners,  this  is 
a  tip-off  that  the  consultant  has  a  biased  agenda. 

Unbiased  consultants  don’t  have  financial  relationships  with  any  ven¬ 
dor  or  conflicts  of  interest  that  affect  their  recommendations.  If  you  want 
an  independent  consultant  who  will  work  strictly  in  the  best  interest  of 
your  business,  build  clauses  pertaining  to  conflicts  of  interest  and  ethics 
into  the  contract.  Organizations  such  as  the  Society  of  Telecommuni¬ 
cations  Consultants  and  the  Institute  of  Management  Consultants  can  be 
good  starting  points  for  finding  unbiased  consultants. 

All  three  types  of  telecom  consultants  have  a  role  in  the  market¬ 
place.  Some  IT  executives  use  a  captive  or  biased  consultant  because 
they  feel  someone  with  a  vested  interest  will  work  harder  to  make  sure 
customers  remain  satisfied  with  a  product  or  service.  As  carrier  sup¬ 


port  staffs  get  smaller,  having  another  knowledgeable  person  in  the 
fight  with  you  can  be  valuable.  At  other  times,  certain  projects  call  for 
an  unbiased  resource. 

Once  you  decide  what  type  of  consultant  you  need,  don’t  get  caught 
by  the  classic  bait-and-switch  method  some  consulting  firms  use  to  sell 
their  services. This  is  when  the  “A’ team  sells  you  on  the  company  and 
closes  the  deal  and  then  the  junior“B”team  shows  up  to  do  the  work. 

Worse  yet  is  the  practice  of  sending  consultants  fresh  out  of  school  to 
work  on  a  project.This  can  result  in  a  lot  of  frustration  and  wasted  time 
on  the  clients’  part  when  they  realize  they  are  paying,  sometimes  hun¬ 
dreds  of  dollars  per  hour,  to  train  new  consultants. 

This  happened  to  one  of  our  clients  when  a  new  consultant  with  a  big 
firm  saw  the  telecom  manager’s  AT&T  phone  bills  and  suggested  mov¬ 
ing  to  a  VoIP  system.  After  asking  the  consultant  how  he  arrived  at  this 
recommendation,  the  frustrated  client  ended  up  having  to  explain  that 
his  AT&T  OneNet  bill  was  for  several  services  that  were  bundled  in  one 
invoice.  The  consultant  lacked  the  experience  to 
know  that  these  charges  were  not  for  on-net  usage 
between  the  clients  sites  and  that  moving  to  VoIP 
would  not  make  all  those  expenses  go  away 
If  you’re  impressed  with  the  knowledge  and  expe¬ 
riences  of  specific  consultants  during  the  sales 
process,  consider  putting  it  in  writing  that  those  par¬ 
ticular  people  are  required  to  work  on  the  project. 

Another  “gotcha”  is  to  get  sucked  into  a  long-term 
contingency-based  telecom  bill  auditing  agree¬ 
ment.  With  staffs  so  lean, some  businesses  have  got¬ 
ten  good  results.  However,  be  sure  you  know  what 
you’re  getting  into.  A  telecom  auditing  firm  in  New¬ 
port  Beach,  Calif.,  uses  a  consulting  service  agree 
ment  that  requires  clients  to  give  the  firm  half  of 
any  savings  produced  for  the  next  five  years. 

This  agreement  is  so  onesided  in  favor  of  the  consultant  that  if  the 
client  conducts  its  own  contract  negotiations  with  carriers  during  the 
fiveyear  period,  the  consulting  firm  gets  50%  of  any  savings  or  cost 
reductions  for  work  it  wasn’t  even  part  of. 

Most  companies  today  can  get  a  good  consultant  to  agree  to  a  con¬ 
tingency-based  auditing  deal  that  lasts  for  12  months  and  gives  you 
the  final  rights  to  approve  or  reject  any  savings  items  or  ideas  the  con¬ 
sultants  present  without  penalty 

Finally,  taking  the  time  upfront  and  working  with  your  consultant  to 
write  out  a  detailed  scope  of  work  can  be  critical  to  your  projects  suc- 
cess.The  scope  of  work  defines  each  of  the  project  deliverables  you’re 
expecting,  what  form  the  deliverables  will  be  in  and  a  timeline  for 
achievement  of  milestones.  A  good  description  of  the  scope  of  work 
ensures  that  both  the  client  and  consultant  know  what  to  expect. 

A  few  years  ago,  1  worked  with  several  consultants  on  a  large  nation¬ 
wide  network  services  RFP  A  larger  company  acquired  the  client  and 
canceled  the  project  after  about  70%  of  the  work  was  done.  The  con¬ 
sulting  scope-of-work  agreement  had  linked  several  project  milestones 
to  progress  payments  along  the  way,  minimizing  what  could  have  been 
a  heated  debate  on  how  to  terminate  the  work. 

Longview  is  president  of  Telecom6 1 1  .com, a  consulting  firm  that  serves 
midsize  to  large  corporations.  He  can  be  reached  at  rlongview@ 
telecom6l  I  com. 


A  caution  sign  should 
light  up  if  you  hear  a 
consulting  firm 
announce  a  joint  mar 
keting  or  business 
relationship  with  a 
vendor  or  carrier. 


www.nwfusion.com 


CONSULTING  CONTRACT 

pointers 

Don’t  be  misled  by  a 
biased  consultant  who 
won’t  work  in  your  com¬ 
pany’s  best  interest. 

Do  include  a  consulting 
“conflicts  of  interest” 
statement  with  financial 
penalties  and  require 
your  consultant  to  dis¬ 
close  any  vendor  rela¬ 
tionships. 

Don’t  be  sold  by  the 
consultant’s  “A”  team  and 
end  up  with  the  “B”  team. 

Do  specify  the  consul¬ 
tants  you  want  in  your 
agreement  and  rights  to 
have  any  of  the  consul¬ 
tant’s  team  replaced  if 
they  are  not  skilled. 

Don’t  give  up  the  right 
to  terminate  the  agree¬ 
ment  at  any  time  for  any 
reason. 

Do  include  a  clear  ter¬ 
mination  clause  in  the 
agreement  and  clearly 
defined  milestones  linked 
to  any  fees  paid  to  the 
consultants. 

Don’t  sign  long-term 
contingency-based  con¬ 
sulting  contracts  in  a 
rapidly  changing  market¬ 
place. 

Do  make  sure  any  con¬ 
tingency-based  consult¬ 
ing  deals  are  limited  to 
not  more  than  one  year 
and  that  you  have  the 
right  to  reject  any  “sav¬ 
ings  items.” 

Don’t  be  overcharged  by 
having  to  pay  for  the  con¬ 
sultant’s  time  if  a  work 
deliverable  has  to  be  re¬ 
done  for  errors. 

Do  include  a  guarantee 
and  warranty  clause  that 
states  the  consultant 
must  re-do  any  unac¬ 
ceptable  work  at  no 
charge  until  you  accept  it. 

Don’t  waste  your  time 
having  vague  verbal 
agreements  on  what  work 
Is  expected. 

Do  include  a  detailed 
project  scope  of  work 
that  clearly  defines  the 
work  to  be  done,  progress 
checks  and  what  is 
included  for  the  fees 
you’re  paying. 
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Rose  Electronics 
1 0707  Stancliff  Road 
Houston,  Texas  77099 

ROSE  US  +281  933  7673 

ROSE  EUROPE  +44(0)1264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


800  333  9343 

WWW.ROSE.COM 


KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Compatible  with  Windows,  Linux,  Solaris,  and  other  0/5 
Connects  to  PS/2,  Sun,  USB,  or  serial  devices 
Converts  RS232  serial  to  VGA  and  PS/2  keyboard 
Free  lifetime  upgrade  of  firmware 
Security  features  prevent  unauthorized  access 
Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 
Easy  to  expand 


UPROSE 

ELECTRONICS 


Scaling,  scrolling,  and  auto-size  features 

Secure  encrypted  operation  with  login  and  computer 

access  control 

Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 


Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 
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Console  Management? 


$SH  or  Out-iand  Access  to 
Consoles  at  Remote  Locations 


8*  Secure  Shell  (SSHv2)  Encryption 
B  Simultaneous  SSH  or  Telnet 


The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the 
SCM-16  serial  outputs. 


Visit  website  for  complete  NetReach™  product  line. 


B  Non-Connect  Port  Buffering 
an  SYSLOG  Reporting 
Si  SNMP  Capability 
a  Any-to-Any  Port  Switching 
SI  IP  Security  Features 
SI  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 
B  Data  Rate  Conversion 

■  11 5/230 VAC  or  -48VDC  Models 


(800)  854-7226  •  www.wti.com 

5  Sterling  •  Irvine  •  California  92618-2517 
(949)  586-9950  •  Fax:  (949)  583-9514 


western  telematic  incorporated 
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Famatech 


How  fast  can  you  get  to  your 
server,  if  you  are  1000  miles 
away?  Two  hours  by  plane. 
Fourteen  hours  by  car.  A 
month,  if  you  run.  Only  a  few 
seconds  with  RADMIN. 

RADMIN  is  a  reliable  and 
secure  remote  control 
software  designed  to  work  on 
and  monitor  the  remote 
computers  just  as  if  they 
were  right  there  in  front  of 
you.  RADMIN  proved  itself 
as  incredibly  fast  and  easy  to 
learn  and  use.  RADMIN  is  a 
complete  remote  control 
solution  with  such  features  as 
file  transfer,  NT  security, 
Telnet  and  multiple 
connections  support  built  in. 

See  details  at: 
www.radmin.com 
e-mail:  sales@radmin.com 


Production  Tracking  Over  Ethernet 


HQQBQQ 

BBB^9Q^9 

BBBBBB1 

UIBBSG3B 


Eliminate  your  shop-floor 
PCs  with ... 

Ethernet  Terminals  from 
ComputerWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 


Features  C  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 

Program  Included  _  _ 

•  Larger  keyboard  and 
display  sizes  available 
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Introducing  tfte  n%vj 

HotBrick  femlfy  of 
firawiiils  &  man&gscij 
secura  switches.** 
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Call  for  more  Info  (866)  468-2742 

or  visit  us  online  at  www.hotbrlck.com 


Get  your 
Free  Personal 
firewall  software 

www.hotbrick.com/download 


Don’t  get  hacked,  get  HotBriCk 


In  business  since  1989 
Specialists  in  Linux,  BSD,  X86  Solaris 
On-site  warranty,  next-business-day 
cross-ship  options  available. 


ASA  —  Custom  Servers  and  Storage 
www.asacomputers.com  •  866-382-5263 

2354  Calle  Del  Mundo,  Santa  Clara,  CA  95054 

For  details/inquiries/customization  email:  sales@asacomputers.com 

All  Systems  are  pre-loaded  with  any  Linux/BSD  version/distribution  of  your  choice.  On-site  warranty,  cross-ship  options  available 


MINI  SUPER  for  Clusters 


1U  14"  Depth 

1  of  2  Intel*  Xeon™  processors  2.4  GHZ 
Serial.  VGA,  USB  2.0.  Mouse,  Keyboard 
All  ports  Front  Accessible 
1  x  10/100,  1  x  Gigabit  LAN 
512  MB  DDR  ECC  (Max  8  GB) 

Options:  CD.  Floppy 


$1249 


NO-FRILLS  STORAGE  SERVER 


6TB  SATA  storage  in  5U! 

Dual  Intel*  Xeon™  processors  2.4  GHz 
512  MB  DDR  ECC  Memory  (Max  8  GB) 

3  Raid  5  volumes  of  2TB  each 
Dual  Gigabit  LAN,  CD 

Options:  IDE,  SCSI  Drives,  Firewire,  DVD-RW, 
CDRW,  64-  bit  OS  configuration,  Additional  LAN. 
Floppy,  Fiber  Gigabit 


SM-6013P8+ 

SI  649 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Internal 

UPS 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Microphone 

for  Sound 
Monitoring 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


8  R|-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Hre) 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 
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10/100  BaseT  Ethernet 


IP  for  HTML.  SNMP 


Telnet  Management 


RS-232 


Senal  Management 


Link  Port 
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Expansion  Module 
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Power  Tower  XL 


•  Outlet  Grouping  across 
power  circuits 


Input  Current  Monitor 
New  HTML  GUI 


Power-up  Sequencing 

Zero  U  vertical  and  Rack- 
mount  horizontal  models 


•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


Sentry  Power  Tower. 

Equipment  Cabinet  Solutions. 

■  ■ 


Server  Technology;  Inc. 

- 

1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


Save  40-70 %  on  Network  Equipme 


Refurbished  Routers,  Switches, 

Access  Servers  and  Modules. 

Trust .  Value  II 


Quality  Parts. Great  Prices 


^  Trust  the  Experts 

Continental 


Call  today  for 
10%  off  1  item  (Up  to  $500)* 

*New  customers  only. 


www.  con  ticomp.  com 
'COMPUTERS  ,Se4  Call  us:  (310)  416-1200 


A  New  Patent  Pending  Rack  Design  J  m  JeeP  *  only  f  JfJJf 

a  I.  *  c-  q  i  I,  i  "«  ,  oemri/D  ^  43  RU  30"  Deep -only  $264.85 

Assemble  Any  Size  Rack  Using  Only  3  STOCK  Parts 

3  precisely  engineered  parts  when  connected  together  form  Wiggle-Free  equivalent  strength  Shop  Online 

and  integrity  of  fully  assembled  welded  rack  enclosures.  Choose  any  width,  depth,  &  height  www.rackframe.com 

of  dual-tapped  E.l.A.  rack  rail  from  one  of  43  sizes  in  1-3/4”  rack  unit  increments.  Every  info@rackframe.com 

Rack  assembly  ships  knocked-down  in  3  small  cartons.  Build  all  kinds  of  neat  stuff!  888-214-8363 


Attention  Resellers! 


SECUREIVIATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 
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LIMITED  TIME  OFFER! 

*  Earn  1  FREE  SonicU  e*Trainlng 
Class  for  every  SISK  In  SonicWALL 
purchases  from  Securematics." 

*  New  SonicWALL  Resellers  will  receive  1  FREE 

SonicU  Electronic  Training  Course  with  purchase 
of  any  Demo  Unit  - 

Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 
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network,-*  -  * 
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*  NetWork  Hardware 

WORLDWIDE  PROVIDER 
OF  NETWORK 
HARDWARE 

SINCE  1981! 

! 

•  Cables 

•  Memory 

THE  NETWORK  SPECIALISTS 

WRCA.NET 

--  MMW  *722 

M 

sales@wrca.nel 

-  (800)699-9722x102 

Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW2004 
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IT  Careers  in  BioTech/Pharmaceuticals 


If  you  check  out  just  about  any  high-tech 
economic  development  zone  across  the 
country,  there's  one  category  of  work  common  to 
all  -  biotech.  The  reasons  are  simple:  millions  of 
Americans  aging,  the  opportunity  for  new 
medications  and  treatments,  and  the  potential  for 
jobs  and  prosperity. 

Karena  Strella,  principal  for  Egon  Zehnder 
executive  search  firm  and  a  biotech/pharma  recruiter, 
says  the  pressure  is  on  to  find  the  skills  and  talents 
needed  to  move  drugs  to  market  more  quickly 
and  to  move  drugs  through  trials  in  an  efficient 
and  effective  manner.  "They're  using 
technology  to  move  them  through  these 
stages,"  she  says. 


i; 


The  IT  skills  divide  into  several  categories. 
There  are  IT  skills  needed  to  maintain  the 
business  enterprise,  but  also  bioinformatics 
where  data  from  trials  and  research  becomes 
information.  "We  are  seeing  computer  savvy 
people  go  back  to  acquire  life  sciences  skills  and  ( 
experience  to  fill  the  demand  for  people," 
Strella  says.  "We  also  are  seeing  more 


A 


scientists  who  are,  out  of  frustration, 
going  into  the  tech  side  to  develop 
the  tools  they  need." 

Strella  says  that  2003  was  the 
lowest  year  ever  in  terms  of  job 
openings.  "We're  seeing  100%  improvement 
this  year  in  terms  of  assignments  we're 
getting,  as  well  as  those  our  competitors  are 
getting.  The  skill  most  in  demand  that  we're 
hearing  is  for  people  who  can  lead  technical 
and  scientific  people." 


The  investment  in  people  and 
expansion  is  evident,  from  the 
building  of  a  new  headquarters 
campus  for  Cephalon,  near  Philadelphia, 
to  Amgen's  February  grand  opening  of  its 
new  research  and  development  campus  in 
Seattle.  Amgen,  the  world's  largest  biotech 
company,  has  information  sciences  and  research 
positions  available.  The  new  research  campus, 
known  as  Helix,  combines  more  than  750  staff 
members  from  several  different 
locations.  It  boasts  of  some  of  the 


latest  tech  advances  in  computerization  and  robotics 
in  support  of  creating  breakthrough  therapies. 
Stalwart  companies  such  as  Johnson  &  Johnson 
and  AstraZeneca  also  continue  to  post  jobs  for 
positions  as  varied  as  data  mining  and  technologists 
to  support  research  and  the  business. 

Probably  one  of  the  most  telling  aspects  of  the 
available  positions  is  that  even  the  most  senior 
research  scientist  listings  for  the  companies 
include  a  formidable  requirement  for  computer 
science/technology  -  languages,  application  integration 
and  the  like. 

Strella  is  quick  to  point  out  that  while  the  firmly 
established  companies  offer  opportunities,  so  too  do 
startups.  "Startup  companies  are  gaining  funding  to 
move  pharmaceutical  therapies  into  trials,"  she  says, 
signaling  the  need  for  IT  professionals  with  the 
complex  skills  required. 

For  more  information  about  IT  Careers  advertising, 

please  contact:  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 


COMPUTER  PROFESSIONALS 
Opportunities  for: 

•  SYSTEMS/BUSINESS/ 
PROGRAMMER  ANALYSTS 

•  PROCESS  CAPABILITY 
ANALYST 

•  QC  ANALYST 

•  WEB  ARCHITECTS/ 
DEVELOPERS 

•  SYSTEMS  ANALYSTS 

•  WEB  GRAPHIC  DESIGNERS 

•  NETWORK  ENGINEERS 

•  PROGRAMMER/ANALYSTS 

•  SOFTWARE  ENGINEERS 

SKILLS' 

•  COLD  FUSION  •  SPECTRA 

•  ORACLE  •  VISUAL  BASIC 

•  VISUAL  C++  •  SIEBEL  •  ASP 

•  COM.  DCOM  •  JSP  •  HTML 

•  JAVA.  JAVA  BEAN  •  EJB  JAVA 
SERVLETS  •  WEBSPHERE 

•  IBM  MQ  SERIES  •  XML, UML 

•  MTS  •  CLARIFY  •  PERL 

•  OBJECTPERL  •  SPYPERL 

•  SMALLTALK  •  PL/SQL 

•  VISUAL  AGE  •  COBOL.  SPL, 
UNIX 

Visit  our  website  @ 
www.computertiorizons.com 
Attractive  salaries  and  benefits. 
Please  forward  your  resume  to: 
H.R.  Mgr  ,  Computer  Horizons 
Corp.,  49  Old  Bloomfield 
Avenue,  Mountain  Lakes,  New 
Jersey  07046-1495.  Call 
973-299-4000  E-mail:  jobs@ 
computerhorizons.com.  An 
Equal  Opportunity  Employer  M/F. 

Web  Developer 

Designs,  develops  applications 
for  Insurance-Reinsurance  com¬ 
panies  regarding  natural  Catas¬ 
trophe  Analysis.  Develops  apps 
for  Meteorologists  for  data  for 
Weather  Derivatives  trading. 
Devs  online  tools  for  clients  to 
analyze  climate  forecasts.  Parti¬ 
cipates  in  technical  design,  de¬ 
velopment.  implementation  and 
testing  of  new  and  existing  com¬ 
mercial-quality  web  applications; 
investigates,  analyzes,  imple¬ 
ments  new  web  technologies 
and  tools  utilizing  IIS,  ASP,  Vis¬ 
ual  Basic,  XML,  XSL,  COM, 
DCOM,  SQL  Server,  ADO,  Site 
Server.  Reqs.  strong  interper¬ 
sonal  skills,  ability  to  work  w 
team.  Min.  Reqts:  knowledge  of 
modeling  and  s/w  dev  demon¬ 
strated  by  Bach,  degree  in  CE  or 
related  field  +  2  years  prof,  exp 
in  s/w  development,  Internet 
technology,  and/or  systems 
implementation.  Grad  level  work 
in  qualified  field  accepted  in  lieu 
of  experience  if  course  work  pro¬ 
vides  exposure  to  systems  etc. 
needed  to  do  job.  $60000  annu- 
al/FT.  Submit  2  resumes  to  Case 
#  200203668,  Div.  of  Career 
Services,  Labor  Certification 
Unit,  19  Staniford  Street,  1st  FI. 
Boston  MA  02114. 

Sr.  Software  Engineer  sought  by 
network  security  device  manu¬ 
facturer  to  work  in  Broomfield. 
CO  and  other  unanticipated  job 
sites  in  the  U.S.  to  engage  in  full 
life  cycle  development  of  system 
security  software  agents  and 
programs  for  high-end,  fault-tol¬ 
erant  data  communications  net¬ 
works  which  accesses  relational 
database  management  systems 
(RDBMS)on  a  UNIX  platform. 
Analyze  project  requirements, 
architect  and  design  the  soft¬ 
ware  system  using  object  orient¬ 
ed  (OOP)  and  procedural  sys¬ 
tem  design  principles.  Code, 
test  and  debug  the  software. 
Use  SQL.  C/C++,  and  JAVA  on 
UNIX  platform  in  the  develop¬ 
ment  process.  Engage  in  pro¬ 
ject  management  as  required. 
Requires  master's  in  computer 
engineering;  1  yr  exp.  in  the 
design  and  development  of  soft¬ 
ware  systems  accessing  rela¬ 
tional  database  management 
systems  on  a  UNIX  platform 
using  object  oriented  and  proce¬ 
dural  system  design  principles, 
SQL,  C/C++,  and  JAVA  pro¬ 
gramming  languages  on  a  UNIX 
platform.  M  -  F;  8am  -  5pm; 
$91 ,800Ayr.  Respond  by  resume 
to  Employment  Programs,  PO 
Box  46547,  Denver,  CO  80202 
and  respond  to  JON 

CO5071395. 

Field  Service  Engineers:  Install, 
maintain,  and  refurbish  high¬ 
speed  Imaging  systems;  Install, 
maintain  and  troubleshoot  hard¬ 
ware  and  software  as  well  as 
network  and  data  storage  de¬ 
vices  to  insure  connectivity.  Req 
BS  or  equivalent  (based  on  edu¬ 
cation  or  work  experience  or 
both)  in  Mechanical  Engineering 
or  Electro-Mechanic  Engineer¬ 
ing  with  proficiency  with  Xerox 
DTI 35/6 135/6 180  and  4135/ 
4635  printers,  and  WAN/LAN 
TCP/IP  Ethernet.  Linux  FTP 
Storage.  Fiber  Gateway  Print 
Server  40hr/wk,  8-5  and  shifts 
Send  resume  to:  Service  Tech¬ 
nologies,  P.O.  Box  13136. 
Atlanta.  GA;  30324 

PROGRAMMER/ANALYST 

sought  by  mortgage  co.  in 

Baton  Rouge,  LA.  Requires 

B.S.  in  Computer  Science 

or  Systems  Science  plus 

exp.  Respond  by  resume 

to:  HR  Mgr.,  X/W-#10, 

Aegis  Mortgage  Corp., 

10049  N.  Reiger  Road. 

Baton  Rouge,  LA  70809. 

Programmers  to  design  soft¬ 
ware  appls  using  RDBMS, 
Oracle  Databases,  Informix- 
4GL,  Informix  Online,  SQL 
Server,  VB.  Power  Builder,  etc. 
under  UNIX  OSs;  program,  test 
and  debug  user  interfaces  and 
supporting  database  objects; 
analyze,  review,  and  rewrite 
programs  to  increase  operating 
efficiency  and  adapt  program  to 
new  reqs.  Require  candidates 
with  BS  or  foreign  equiv.  in 
CS/Engg.  (any  branch)  &  1  yr 
exp.  in  IT.  Competitive  salary, 
F/T,  travel  involved.  Resume  to 
HR,  Ordusion  Technologies, 
Inc.,  3883  Rogers  Bridge  Road, 
Suite  504.  Duluth,  GA 

NWO 32904 E/MW/W  1 
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APPLICATIONS  ENGINEER  to 
design,  develop,  debug,  setup 
and  oversee  installation  of  total 
robotic/automation  solutions  uti¬ 
lizing  mechanical  units  and  con¬ 
trollers  for  Nachi,  FANUC, 
MOTOMAN,  Kawasaki,  KUKA 
and  ABB,  SCARA  applications, 
Denso  Robots,  Adept  and 
Yamaha;  develop  system  layout 
concepts  and  renderings  using 
computer  aided  tools  and  tech¬ 
nology  including  Microsoft 
Office,  SalesLogix,  Quote 
Master,  OMRON  PLC  for  Nachi 
RPC,  Allen  Bradley  Systems 
and  Yaskawa  PLC;  provide 
detailed  specification,  require¬ 
ments  review  and  cost  analysis 
of  digital  control  systems  for 
intelligent  machines;  provide 
technical  support  of  entire  sys¬ 
tems  (hardware,  software  and 
start-up)  to  sales,  internal  per¬ 
sonnel,  user  staff  and  robot 
manufacturers.  Require:  B.S.  in 
Computer/Electrical/Electronics 
Engineering  and  three  years 
experience  in  the  job  offered  or 
any  experience  providing  skills 
in  described  job  duties. 
Competitive  salary  and  benefits, 
40-hour/week,  M-F.  Apply  with 
resume  to:  Human  Resource 
Manager,  Factory  Automation 
Systems,  5139  Southridge 
Parkway,  Atlanta,  GA  30349. 


Sr  Systems  Analysts  to  man¬ 
age  teams  to  analyze,  design, 
develop  appls  using  VB,  SQL, 
ASP,  SAS,  MS  Access  etc  using 
Windows  OS;  perform  database 
modeling  using  ERWIN,  create 
stored  procedures,  functions, 
triggers  using  T-SQL;  identify 
user  problems,  prepare  mainte¬ 
nance  plans;  provide  technical 
support,  train  end-users. 
Require  MS  or  foreign  equiv  in 
CS/Engg  (any  branch)  or  related 
field  with  1  yr  exp  in  IT. 
Programmer  Analysts  to  ana¬ 
lyze,  design, test  appls  using 
OOAD,  C++,  CORBA,  XML, 
Oracle,  SQL,  Websphere, 
Rational  Rose,  Shell  Script,  etc 
under  Windows  OS;  develop 
test  suites  for  performing 
regression/integration  testing; 
prepare  user  docs  for  installing 
system  software.  Require  a 
B.S.  or  foreign  equiv  in  CS/Engg 
(any  branch)  with  2  yrs  exp  in 
IT.  High  salary.  F/T.  Travel 
involved.  Resume  to:  HR, 
Unilinx,  Inc.,  4625,  Alexander 
Dr..  Ste  110,  Alpharetta,  GA 
30022. 


Technical  Support  Specialist- 
Coord.  business  syst.  solutions 
&  internet  serv.  w/computer  pro¬ 
gramming  to.  Eval.  company's 
hardware  &  software  needs. 
Resolve  computer  related  prob¬ 
lems.  Oversee  installation,  op¬ 
eration  &  maintenance  of  all 
equip.  Determine  feasibility  of 
expanding  systems  operations 
&  online  services.  Create  & 
maintain  Internet  Website.  BA  in 
Systems  Eng.  or  Computer 
Science  &  1  year  of  exp  in  job 
offered-40hrs  per  wk,  10-7P. 
Fax  resume  to:  Silver  Seahorse 
Corporation.  Attn:  Dorina 
Dolcini  (305)  532^1993. 


Sr,  Programmer  Analyst:  Ana¬ 
lyze,  design,  develop,  test  & 
implement  computer  applica¬ 
tions/software  systems.  Bach¬ 
elor's  or  equivalent  in  Computer 
Science  or  a  related  field  &  2  yrs' 
exp  in  the  position  offered  or  in  a 
related  systems  or  applications 
programming  positions.  Alter¬ 
natively  employer  will  accept  4 
yrs  exp  in  the  position  offered  or 
in  a  related  systems  or  applica¬ 
tions  programming  position. 
Resume  to  L.  Morrow,  Oneil 
Color  Compounding,  193 
Commerce  Place  Jasper,  TN 
37347. 


AGR  Associates,  Inc  is  seeking 
qualified  computer  professionl- 
for  the  following  positions  to 
work  at  client  sites  in  Iowa  and 
throughout  the  United  States: 
Business  Objects  Programmer 
Analyst,  SAS  Data  Warehousing 
Consultant,  Senior  Project 
Manager,  Application  Database 
Manager,  Oracle  Database 
Administrator.  SQA  Tester/ 
Analyst,  Oracle/Java  Applica¬ 
tions  Programmer  Analyst, 
Database  Design  Administrator, 
C++/VC++/Vitria  Businessware 
Software  Engineer.  We  are 
seeking  individuals  with  any  of 
the  following  skills:  Sybase, 
Oracle,  C++,  VC++,  Pro*C, 
FoxPro,  SAS,  Business  Objects, 
Vitria  Businessware,  Infor- 
matica,  Business  Objects.  Send 
resume  to:  AGR  Associates, 
Attn:  Human  Resources,  222 
Third  Avenue,  SE,  Suite  299-15, 
Cedar  Rapids,  Iowa  52401 


Programmer-Analysts  needed  to 
dsgn,  implmt,  integrate,  test  & 
support  provisioning  s/ware 
using  C++,  Java,  XML,  SQL, 
JSP,  DB2,  MQ  Series,  SunOne 
&  Er-Win  on  RedHat;  perform 
systm  dsgn  for  s/ware  systms 
running  on  RTOS  HardHat;  dsgn 
&  implmt  automated  test  scripts 
using  shell  scripting  &  perl;  dvlp 
IP  protocols  (OSPF,  BGP4). 
Apply  to:  Global  Consultants, 
Attn:  Hireme,  8800  Grand  Oaks 
Circle,  Suite  100,  Tampa,  FL 
33637. 


Software  Engineer:  Dsgn,  dvlp 
s/ware  systms  &  maintain  com¬ 
pany's  Artificial  Intelligence 
systms  for  text  feature  extraction 
&  automated  email  classification 
using  SICStus  PROLOG,  C++. 
Java,  JavaScript,  Win2000, 
Unix.  Assist  in  dvlpmt  &  mainte¬ 
nance  of  company's  proprietary 
middle  tier  business  logic.  Req. 
BS.  in  Com.  Sc  or  Al.  or  related 
field  +  1  yr  exp.  in  job  offd. 
Resume  to  Personnel  Mgr, 
TouchPoint  Solutions,  3535 
Piedmont  Rd,  Ste  800,  Atlanta, 
GA  30305 


Network  Project  Manager, 
Charlotte,  NC,  Wachovia  Corp. 
Manage  telecom,  and  infrastruc¬ 
ture  projects.  Reqs.  BA  in  Bus. 
Admin.  Finance  or  MIS  &  2  yrs 
exp.  in  the  pos.  off.  or  as  a 
Financial  Analyst.  The  2  yrs 
exp.  must  incl.  financial  analysis 
working  on  annual  budgets, 
forecasting  and  chargeback  in  a 
tech,  services  environment  & 
negotiating  telecom,  contracts  & 
working  w/  network  engineers  to 
coordinate  business  reqs.  M-F, 
40hrs/wk,  Send  resume  and 
cover  letter  to  Ms.  Babette 
Robbins,  Wachovia  Corp.,  809 
West  4  1/2  Street,  Winston- 
Salem,  NC  27101.  No  phone 
calls. 


Technical  Architect  -  Design, 
develop,  &  architect  application 
software  using  VB  6.0,  COM+ 
and  MS-SQL.  Req:  Bach.  deg. 
(or  foreign  equiv.)  in  Comp.  Sci, 
Info.  Sys.,  or  closely  related 
field,  w'  1  yr.  exp.  in  job  offered 
or  in  the  design  &  development 
of  application  software.  Bach, 
equiv.  gained  through  work  exp. 
will  be  accepted.  Paid  travel  to 
unanticipated  client  sites  within 
the  U.S.  is  required.  8a-5p,  M-F. 
Resume  to:  Corp.  HR, 
Systemtec,  Inc.,  246  Stoneridge 
Dr.,  Ste.  301,  Columbia,  SC 
29210. 


Senior  Systems  Analyst  Corn¬ 
ing  Incorporated  in  Corning,  NY, 
seeks  Senior  Systems  Analyst 
to  design  and  develop  applica¬ 
tions.  infrastructure  and  informa¬ 
tion  management  systems  that 
meet  business  requirements. 
Requires  Bachelor's  degree  in 
Information  Management,  Com¬ 
puter  Science,  Engineering  or 
related  field  and  relevant  experi¬ 
ence  including  work  with  rela¬ 
tional  databases  such  as  Oracle, 
SQL  Server  or  MS  Access,  pro¬ 
gramming  languages  such  as 
Java,  C,  C++.  Visual  Basic  or 
HTML,  and  experience  with 
object-oriented  design.  To  apply 
please  forward  your  resume  to 
stoneer@corning.com  and  refer¬ 
ence  opening  9542. 


Programmer  Analysts  need¬ 
ed.  Seeking  candidates  pos¬ 
sessing  BS  or  equiv.  and  rel. 
work  exp.  Duties  include: 
Design,  code  and  implement 
software  systems.  Exp.  must 
include  2  years  working  with 
Crystal  Reports,  Javascript 
and  IIS.  Mail  resume,  refs  and 
salary  reqs.  to:  Symbiosis 
International,  3965  Okemos 
Road,  Suite  B2,  Okemos,  Ml 
48864. 


Systems  Analyst.  Responsible 
for  Wholesale  Distribution 
Systems  analysis,  design,  and 
development;  website  design 
and  programming;  computer 
system  support  needs;  and 
research  and  dissemination  of 
information  on  technology 
issues.  Must  have  two  years 
college  in  Comp.  Sci.,  MIS  or 
Business  Tech.,  two  years 
exp.,  and  knowledge  of  PRO¬ 
GRESS  and  UNIX.  Send 
resume  to  MT  Sports,  LLC, 
Attn:  Norm  Pollock,  650 
Carbon  St.,  Billings,  MT 
59102. 


itcareers.com  can  solve  the 
labyrinth  of  job  hunting 
by  matching  the  right 
IT  skills  with  the 
right  IT  position. 

Find  out  more  at: 

www.itcareers.com 
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find  a  job 

The  IT  Careers  Network  uses  the  power  of  The  Wall 
Street  Journal's  CareerJournal  jobs  d at  abase  to  bnng 
you  the  largest  concentralion  of  IT  jobs  available.  G9t 
e-mail  notifications  when  new  jobs  match  your 
search  critena  Post  an  online  resume  and  more’ 

•  search  jobs 
•creata  a  Job  Alert 
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•  post  a  resume 

•  edit  you r  resume 
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!  sources  in  the  industry  Thay  bring  readers  regular 
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!  career  trends,  salanes,  contracting  hmng  and 
'  retention  issues 


post  a  job 

Finding  the  nght  IT  professionals  to  fill  your  available 
positions  can  be  a  challenging  and  time-consuming 
effort.  IT  Careers  can  help  With  the  22  million 
unique  visitors  each  month,  the  online  services  that 
are  available  through  (T  Careers  is  a  smart  way  to 
deliver  and  job  posting 

•  post  jobs 

•  search  resumes 

-  become  a  Featured  Employer 

•  online  opportunities 
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PROGRAMMER  ANALYSTS. 
SOFTWARE  ENGINEERS, 
DATABASE  ANALYSTS. 
SYSTEMS  ANALYSTS 

Leading  IT  Firm  seeking  software 
professionals  to  assist  with  soft¬ 
ware  development. 

Skills  Needed  C. C++. Java,  EJB. 
J2EE,  Informatica.  Datastage, 
SAS  .Peoplesoft,  SAP.  Net  . 
Erwin.  Weblogic,  Websphere. 
Oracle.  MS  SQL,  DB2,  Win  NT. 
Unix. 

Please  apply  with  2  Copies  of 
resume.  Our  company  is  hiring 
for  following  office  locations. 
Pennsylvania:  HRD,  Vision  Sys¬ 
tems  Group.  Inc  2400  Gettysburg 
Rd  Camp  HH,  PA  17011,  New 
Jersey:  HRD,  Vision  Systems 
Group.  Inc  100  Davidson  Ave 
Suite  #  305  Somerset  NJ  08873; 
Iowa:  HRD  Vision  Systems 
Group,  Inc  111  6th  Ave  Suite#  11 
Coon  Rapids.  IA  50058. 

SOFTWARE  ENGINEER  (2 
positions)  to  design,  develop, 
implement,  test  and  maintain 
application  software  using  NET 
Framework,  C#,  ASP.NET,  XML, 
SQL  Server,  VB.  ASP.  COM, 
COM+,  JavaScript,  MTS  and 
Oracle  under  Windows  and 
UNIX  operating  systems. 

Require:  MS.  degree  in 
Computer  Science,  an 

Engineering  discipline,  or  a 
closely  related  field  with  two 
years  of  experience  in  the  job 
offered.  Extensive  travel  on 
assignments  to  various  client 
sites  within  the  U  S.  is  required. 
Competitive  salary  offered. 
Apply  by  resume  to:  Sudhakara 
Ravoori,  Sai  Technical 

Services,  Inc.,  626  Wendover 
Drive,  Ridgeland,  MS  39157; 
Attn:  Job  SM. 

PROGRAMMER/ANALYST  to 
analyze,  design,  develop,  test 
and  support  animations  for  var¬ 
ious  business  management  soft¬ 
ware  applications  using  MEL 
Scripting,  Maya,  Light  Wave  3D 
and  Project  Messiah  under 
Windows  operating  system; 
Create  visual  components  of 
computer  applications  including 
modeling,  texture  mapping, 
articulation  (character  setup), 
animation,  lighting,  layout  and 
rendering.  Require;  Bachelor's 
degree  in  Computer  Science, 
Business  Management,  Busin¬ 
ess  Admin.,  or  a  closely  related 
field  with  2  years  of  exp  in  the 
job  offered  or  as  a  Programmer/ 
Character  Animator  Competitive 
salary  offered.  Send  resume  to: 
Cheri  Cannon,  Macquarium, 
Inc.,  1800  Peachtree  St.,  NW, 
Suite  250,  Atlanta,  GA  30309; 
Attn;  Job  KS. 

Space  Imaging  seeks  applica¬ 
tions  for  the  position  of  Lead 
Enterprise  GIS  Applications 
Developer  in  Thornton,  CO  to 
design  and  manage  enterprise 
Geographic  Information  Syst¬ 
ems  (GIS)  software  develop¬ 
ment  projects.  Requirements 
include  a  bachelor's  in  geogra¬ 
phy  or  geology;  5  yrs  exp 
designing  and  developing  GIS 
software  applications  including 
at  least  3  yrs  designing  geodata¬ 
bases  and  utilizing  ArcGIS, 
ArcObjects,  ArcSDE,  Geo- 
Database,  ArcIMS  and  UML 
data  modeling  methods;  certifi¬ 
cate  in  Geographic  Information 
Systems.  Respond  by  submit¬ 
ting  resume  to  Christine  Skala, 
Space  Imaging,  12076  Grant  St., 
Thornton,  CO  80241  and  refer¬ 
enced  JON  4769A. 

IT  SPECIALIST  to  plan,  design, 
implement,  maintain  and  admin¬ 
ister  the  company's  information 
infrastructure,  including  hard¬ 
ware  setup  and  maintenance, 
software  installation,  configura¬ 
tion  and  upgrades;  network  ad¬ 
ministration  and  trouble-shoot¬ 
ing;  implement,  evaluate  and 
maintain  networked  computer 
hardware  to  meet  user  require¬ 
ment;  design,  develop  and  main¬ 
tain  the  company's  website;  pro¬ 
vide  programming,  design  and 
technical  support  for  users  and 
clients.  Require;  Bachelor’s  de¬ 
gree  in  Computer  Science/Infor¬ 
mation  Systems.  Competitive 
salary  offered.  Mail  resume  to: 
President,  Microtips  Technology, 
3452  Lake  Lynda  Dr.,  Suite  215, 
Orlando,  FL  32817. 

Senior  Lead  Systems  Analyst. 
Corning  Incorporated  in  Com¬ 
ing,  NY,  seeks  Senior  Lead 
Systems  Analyst  to  develop  IT 
solutions  by  creating  new  and 
modifying  existing  software  ap¬ 
plications  for  science  and  tech¬ 
nology  organization.  Requires 
Master's  degree  in  Engineering 
or  Computer  Science  and  rele¬ 
vant  experience  in  the  stages  of 
innovation  in  an  R  &  D  environ¬ 
ment,  data  application  develop¬ 
ment  in  Oracle  using  SQL  and/or 
PL/SQL,  and  customizing  Manu¬ 
facturing  Execution  Systems.  To 
apply  please  forward  your 
resume  to  stoneer@corning.com 
and  reference  opening  9544. 

Project  Leader.  Coming  Incor¬ 
porated  in  Coming,  NY,  seeks 
Project  Leader  to  develop  and 
support  information  technology, 
business,  manufacturing  and 
quality  systems  for  science  and 
technology  organization.  Re¬ 
quires  Bachelor’s  degree  in  Infor¬ 
mation  Management,  Computer 
Science,  Engineering  or  related 
field  and  relevant  experience 
including  management  of  IT- 
related  projects,  programming 
languages  such  as  Java,  C.  C++, 
Visual  Basic  of  HTML  and  appli¬ 
cation  development  using  rela¬ 
tional  databases  such  as  Oracle, 
MS  SQL  Server  or  MS  Access. 
To  apply  please  forward  your 
resume  to  stoneer@coming.com 
and  reference  opening  9543. 

Systems  Analyst  -  Analyze, 
design,  develop,  test,  &  support 
computer  systems  for  the  chem¬ 
ical/nuclear  research  field  using 
VB  6.0  and  Oracle  8.0  Req: 
Bach.  deg.  (  or  foreign  equiv.)  in 
Info.  Tech.,  Engg.,  or  related  sci¬ 
entific  discipline,  w'  2  yrs.  exp.  in 
job  offered  or  in  the  design  & 
development  of  computer 
apps/systems.  Exp.  gained 
before  or  after  obtaining  Bach, 
will  be  accepted.  Paid  travel  to 
unanticipated  client  sites  within 
the  U.S.  is  required.  8a-5p.  M-F. 
Resume  to:  Corp.  HR, 
Systemtec,  Inc.,  246  Stoneridge 
Dr.,  Ste.  301,  Columbia,  SC 
29210 

Software  Engineers,  Progr¬ 
ammer  Analysts,  Systems 
Analysts  (  NH.)  IT  firm.  Bach  + 
1  yr  of  exp.  for  jr  Ivl  posi's.  & 
Mast  +  2yrs  or  Bachs  +5yrs  of 
exp.  for  sr.  Ivl  posi's.  Skills  req:- 
Java,  Cobol,  VB,  ASP,  NET, 
Oracle,  Peoplesoft,  Oracle 
Financials,  PL/SQL  Server, 
Windows  NT.  Unix,  C.C++  and 
testing.  Amcat  Dialer.working 
with  PRI,  DSI,  protocols  prefd. 
Please  apply  w/  2  copies  of  your 
resume  to  HRD,  Worldwide 
Information  Technology  Serv¬ 
ices,  155  Fleet  Street 
Portsmouth,  New  Hampshire  - 
03801. 

Systems  Analyst  -  Abbott 
Laboratories  seeks  qualified 
Systems  Analysts,  Database 
Administrators,  Software  Engin¬ 
eers  and  Software  Specialists 
with  experience  in  one  or  more 
of  the  following  technologies: 
SAP,  ABAP.  BASIS,  RDBMS. 
SUN  UNIX,  Solaris,  Oracle, 
AS/400,  PL/SQL,  Visual  Basic, 
C/C++.  Windows,  UNIX,  SAS, 
HTML,  XML,  Java,  JSP, 
JavaScript.  Documentum,  LAN, 
Lotus  Notes  Respond  by  mail  to 
Abbott  Laboratories,  Dept.  323, 
Bldg  AP6D2.  100  Abbott  Park 
Road.  Abbott  Park  IL  60064- 
32537.  An  EOE.  Refer  to  ad 
code:  IT-KE 

Senior  Operations  Engineer 
wanted  to  be  responsible  for  the 
specification,  installation  &  con¬ 
figuration  of  revenue  generating 
value-added  products  within  live 
N.  Amer.  operator  networks.; 
provide  expert,  remote  &  on-site 
tech,  support  for  all  products 
across  all  mobile  technologies, 
incl.  TDMA,  CDMA,  GSM  /  DCS. 
resolving  any  issues  which  may 
occur;  resolve  escalated  tech, 
issues  to  customer  acceptance 
w/in  scheduled  timeframes  & 
work  proactively  to  ensure  that 
all  live  systems  are  kept  up-to- 
date  with  minimal  disruption  to 
service;  identify  &  track  hard¬ 
ware  &  software  problems  & 
escalates  to  relevant  depts.  & 
3rd  party  vendors;  interface  as 
first  line  of  support  for  third  party 
products,  for  example  Oracle, 
Ingres  databases,  ISS  email 
gateway  servers,  IVR  &  SMSC 
interfaces  to  3rd  party  prepaid 
platforms;  maintain  extensive 
knowledge  in  HP  SS7  Opencall 
Protocol,  software  &  hardware; 
lead  a  team  of  Engs.  &  maintain 
ownership  of  several  customer 
accts.,  ensuring  all  support 
issues  are  resolved  within 
agreed  Service  Level  agree¬ 
ments;  review  all  call  resolution 
reports  prior  to  delivery  to  cus¬ 
tomer  &  all  methods  of  proce¬ 
dure,  which  are  implemented  at 
customer  site;  interfaces  with 
Product  Centers  providing 
advice  on  design  &  integration  of 
new  products;  takes  lead  in 
learning  new  products  &  intro¬ 
ducing  such  products  to  the 
region;  act  as  mentor  &  tech, 
advisor  to  other  Operations 
Engs.;  provide  24  x  7  tech, 
escalation  support  to  customers 
&  Operations  Engs,  w/in  the 
company  support  framework. 
Must  have  Bach.  deg.  in  Comp. 
Sci.,  Elec.  Eng.  or  related  field, 
&  2  yrs.  software  tech,  support 
exper.  incl.  exper.  troubleshoot¬ 
ing  HP/Unix  operating  systems 
&  Oracle  8i  databases,  &  incl. 
exper.  with  wireless  technolo¬ 
gies  &  prepaid  excel  swtiches. 
Salary  $65,000  to  $70,000/yr. 
Send  2  resumes  to  Case# 
200203824  Div.  of  Career 
Services,  Labor  Certification 
Unit,  19  Staniford  St„  1st  FI., 
Boston,  MA02114. 


NETWORK  ANALYST  Monitor 
and  measure  the  data  network 
performance  and  assets  on  all 
maintenance  issues.  Respon¬ 
sible  for  overall  frame  relay  net¬ 
work  performance  and  mainte¬ 
nance.  Monitor  and  administer 
the  LANA/VAN  performance  re¬ 
porting  tools.  Provide  recom¬ 
mendations  on  system  upgrades 
based  on  performance  stan¬ 
dards.  Utilize  the  Project  Meth¬ 
odology  within  all  phases  of 
work.  Prepare  required  state¬ 
ment  of  work,  project  work 
plans,  status  reports,  variance 
reports  in  accordance  with  the 
AgFirst  System  Development 
Life  Cycle  for  approved/assign¬ 
ed  projects  and  update  through 
the  project  for  project  monitor¬ 
ing/reporting.  Participate  in  the 
development  of  written  proce¬ 
dures  to  support  network  moni¬ 
toring  and  maintenance.  Provide 
technical  assistance  to  all  Lead 
and  Senior  Network  Analysts. 
Require:  Bachelor's  degree  or 
foreign  degree  equivalent  in 
Computer  Science.  MIS,  or  a 
closely  related  field,  plus  2  years 
in  the  job  offered  or  as  a 
Network  Administrator/Web  Lab 
Manager.  In  lieu  of  Bachelor's 
degree  and  2  years  of  experi¬ 
ence,  a  Master’s  degree  in  Com¬ 
puter  Science  will  be  accepted. 
Experience  gained  before,  dur¬ 
ing  and  after  degree  will  be 
accepted.  Must  have  CCNA  cer¬ 
tification.  Send  resume  to: 
Recruiter  -  Human  Resources, 
AgFirst  Farm  Credit  Bank,  P.O. 
Box  1499,  Columbia,  SC  29202. 
(No  Phone  Calls  Please). 


For  over  20  years,  Syntel  employees  across  North  America,  Europe,  and 
Asia  have  helped  build  advanced  information  technology  systems  for  lead¬ 
ing  Fortune  500  companies  and  government  organizations  to  improve  their 
efficiency  and  competitiveness.  Today,  Syntel  professionals  are  building 
rewarding  careers  by  providing  solutions  in  e-business,  CRM,  Web  Design 
and  Data  Warehousing. 

Come  discover  why  Forbes  magazine  placed  Syntel  second  on  its  list  of 
“The  200  Best  Small  Companies  in  America”  and  Business  Week  ranked 
us  #1 1  on  its  list  of  Hot  Growth  Companies. 

Due  to  our  rapid  growth,  we  have  immediate,  full-time  opportunities  for 
both  entry-level  and  experienced  Software  Engineers,  Consultants, 
Programmers,  Programmer/ Analysts,  Project  Leaders,  Project  Managers, 
Supervisors,  Database  Administrators,  Computer  Personnel  Managers 
and  Computer  Operations/Account  Managers/Account  Executives  with 
any  of  the  following  skills: 

Mainframe 

•  IMS  DB/DC  or  DB2,  MVS/ESA. 

COBOL,  CICS 

DBA 

•  ORACLE  or  SYBASE 

Client-Server/WEB 

•  Siebel 

•  Websphere 

•  Com/DCom 

•  Web  Architects 

•  Datawarehousing 

•  Informix,  C  or  UNIX 

•  Oracle  Developer  or  Designer  2000 

•  JAVA,  HTML,  Active  X 

•  Web  Commerce 

•  SAP/R3,  ABAP/4  or  FICO  or  MM 
&SD 


•  Focus,  IDMS  or  SAS 


•  DB2 


•  Oracle  Applications  &  Tools 

•  Lotus  Notes  Developer 

•  UNIX  System  Administrator 

•  UNIX,  C,  C++,  Visual  C++,  CORBA, 
OOD  or  OOPS 

•  WinNT 

•  Sybase,  Access  or  SQL  server 

•  PeopleSoft 

•  Visual  Basic 

•  PowerBuilder 

•  IEF 


Account  Executives,  Account  Managers  and 
Business  Development/ Account  Specialist 

positions  available. 

Some  positions  require  a  Bachelor's  degree,  others  a  Master's  degree.  We  also 
accept  the  equivalent  of  the  degree  in  education  and  experience. 

With  Syntel  (NASDAQ:  SYND,  you'll  enjoy  excellent  compensation,  full  benefits, 
employee  stock  purchase  plan  and  more.  Please  forward  your  resume  and 
salary  requirements  to:  Syntel,  Inc.,  Attn:  Recruiting  Manager-LD03, 

525  E.  Big  Beaver,  Suite  300,  Troy,  Ml  48083.  Phone:  248-619-2800; 
Fax:  248-619-2888.  Equal  Opportunity  Employer. 
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Software  Engineer  sought  by 
network  security  device  manu¬ 
facturer  in  Broomfield,  CO  to 
work  in  Broomfield  and  other 
unanticipated  job  sites  in  the 
U.S  to,  at  a  senior  level,  design 
and  develop  computer  software 
applications  which  run  on  a 
Windows  platform  and  which  uti¬ 
lize  COM/DCOM  and  network 
management  protocols  such  as 
SNMP.  Analyze  requirements. 
Code,  test  and  debug  the  appli¬ 
cations.  Use  C++,  MFC  and 
j'AVA  in  the  software  develop¬ 
ment  process.  Requires  mas¬ 
ter's  in  computer  science  or 
electronics  engineering  or  equiv¬ 
alent  Specifically,  it  requires  a 
master's  degree  or  foreign 
equivalent  or  a  bachelor's 
degree  or  foreign  equivalent 
plus  five  years  of  progressive 
software  development  experi¬ 
ence;  1  yr  exp.  in  software 
development  using  C++.  MFC, 
COM/DCOM  and  Java  The  1  yr 
software  development  experi¬ 
ence  using  C++,  MFC,  COM/ 
DCOM  and  Java  may  be  con¬ 
current  with  the  5  years  required 
above.  M-F;  8am-5pm, 
$105,000/yr.  Respond  by 
resume  to  Employment  Prog¬ 
rams,  PO  Box  46547,  Denver, 
CO  80202  and  respond  to  JON 
CO5071391 . 


PROGRAMMER/ANALYST  to 
analyze,  formulate  and  imple¬ 
ment  operation  research  simu¬ 
lation  and  optimization  models 
for  railroads;  Design  and  devel¬ 
op  software  programs  and 
web-based  application  in  Java 
using  object  oriented  methodol¬ 
ogy  on  UNIX  and  Windows 
platforms;  Design  and  develop 
database  programs  in  Sybase 
and  DB2,  and  conduct  data 
analysis  using  SQL  program¬ 
ming.  Require;  B.S.  degree  in 
Computer  Science,  an  Engin¬ 
eering  discipline,  or  a  closely 
related  field  with  2  yrs  of  exp  in 
the  job  offered;  A  M.S.  degree 
with  a  demonstrated  ability  to 
perform  the  stated  duties  gain¬ 
ed  through  academic  course- 
work/previous  work  experience 
will  be  accepted  in  lieu  of  the 
B.S.  degree  and  2  yrs  of  exp. 
Extensive  travel  on  assignment 
to  various  client  sites  within  the 
U.S.  is  required.  Competitive 
salary  offered.  Send  resume  to: 
Sid  Ahuja,  Open  Systems,  Inc., 
4005  Windward  Plaza  Drive, 
Suite  550,  Alpharetta,  GA 
30005;  Attn:  Job  HS. 


Technical  Engineers  needed. 
Seeking  qual.  candidates  po¬ 
ssessing  MS  or  equiv.  and/or 
rel.  work  exp.  Part  of  the  req. 
rel.  work  exp.  must  include  1 
yr  working  w /  VPN,  VOIP, 
L2TP,  &  PPP  protocols.  Dut¬ 
ies  include:  Develop  &  test 
Wireless  &  Network  Mgnt, 
Telecomm.,  Data  Comm.,  & 
Distributed  Computing;  Cre¬ 
ate  functional  spec.  &  imple¬ 
ment  systems;  Evaluate  inter¬ 
face  b/t  HW  &  SW.  Send  res., 
ref.  &  sal  req.  to  Impetus  Sys¬ 
tems  &  Careers,  63  Pleasant 
St.,  Concord,  NH  03301 


Software  Developer/  Progra¬ 
mmer:  For  co.  specializing  in 
developing  new  Telephony  & 
Internet  products,  responsible 
for  client's  project  development 
of  multi-media  concurrent  sys¬ 
tems  involving  data,  speech  & 
vision  using  Telecommuni¬ 
cations  &  the  Internet;  analyze 
systems  outlines;  documenta¬ 
tion  &  testing,  write  solution  pro¬ 
grams;  correct  programs.  Req's: 
Master  of  Science  Degree  in 
Comp  Sci,  Comp  &  Info  Sci, 
Engineering  or  a  related  field.  4 
yrs  exp  in  job  offered  or  4  yrs  of 
software  development  exp.  Exp 
must  include  software  program¬ 
ming  &  systems  design.  Exp 
can  be  gained  while  pursuing 
degree.  Proficiency  in  Java, 
C/C++,  Windows,  TCP/IP  and 
Web  Server  Technology. 
40hrs/wk.  Send  res.  to  C-11, 
P.O.  Box  1924,  Phila.,  PA19105. 


SBI  is  looking  for  the  following 
positions  for  its  offices  in 
Houston,  TX,  San  Francisco, 
CA,  Warren,  NJ,  Salt  Lake  City, 
UT  and  Portland,  OR:  Art 
Director,  Web  Designer, 
Programmer  Analysts,  Technical 
Architects,  Technical  Consul¬ 
tants,  Business  Strategists, 
Systems  Analysts,  Software 
Engineers,  Software  Deve¬ 
lopers,  SAP  Consultant, 
resumes  by  email  or  fax  only  to 
HR,  SBI  2825  East  Cottonwood 
Parkway,  Suite  480,  Salt  Lake 
City,  UT  84121: 

careers@sbiandcompany.com; 
Fax  (801)  733-3201. 


Telecommunication  Analyst. 
Chicago,  IL.  Advanced  wire¬ 
less  system  engineering,  re¬ 
search  &  analysis  for  GSM, 
UMTS,  WCDMA,  satellite 
communication,  softswitch. 
Core  network  capacity  &  per¬ 
formance.  New  technology 
evaluaution,  protocol  valida¬ 
tion  in  3G,  2.5G  &  define 
architecture.  BS  Electrical/ 
Electronics/Comp  &  min  2  yr 
related  exp.  Resume  L. 
Hormeku,  Glotel,  30  S. 
Wacker  Dr.,  Suite  3900, 
Chicago,  IL  60606. 


Computer  Contract  Services,  a 
small  growing  company  is  look¬ 
ing  for  Sr.  IT  staff.  Applicants 
must  have  minimum  BS  with  3- 
yr  exp.  using  the  SAS  system. 
Skills  using  SAS/BASE,  SAS / 
GRAPH,  SAS/ODS  are  a  strong 
plus.  Exp  on  Unix  &  NT  plat¬ 
forms  is  req.  Contact 
ken.schmidt@ccsiteam.com.  EOE. 

System  &  network  administrator 
wanted  by  Pringing  Ind.  Of  Ml 
Service  Corp.  Duties  include 
system  and  network  administra¬ 
tion,  install  and  configure 
servers,  user  support.  Must 
have  BS  or  equivalent  with 
CCNA,  MCP,  MCSE.  Please 
send  resume  to  nick@print.org. 
EOE. 


QA  ENGINEER  II  Perform  test¬ 
ing  tasks  on  complex  projects. 
Analyze  &  review  Business  & 
System  Requirement/Design 
Specifications.  Write  test  plans/ 
procedures  &  create  Test  Scripts 
w/  TestDirector  8  0  Create  auto¬ 
mated  test  scripts  for  regression 
testing  w/  QuickTest  Profes¬ 
sional  6. 0/6. 5.  Proficiency  in 
Test  Director  7.6/8.0,  QuickTest 
Professional  6. 0/6. 5,  TD  Explor¬ 
er,  Batch  Test  Manager.  Object 
Repository  MergeTool,  Load- 
Runner  7.0,  Tight  VNC  Server 
1.2.8.  RealVNC,  XML,  SQL, 
Server  Studio  JE  3.0.  SQL  Editor 
(Informix)  Extra  6.5  (Emulation 
Tool)  Project  Insight,  ODBC, 
LDAP,  Admin  Tool,  MS  Access, 
HyperSnap-DX-4,  Netscape 
Browser  4.72  and  I.E.  5.0/5  5/ 
6.0,  Putty  Tel  and  Visio.  Send 
resume  to:  Diane  Dull,  John  H. 
Harland  Co,  2939  Miller  Road, 
Decatur,  GA  30035. 


Programmers,  Software  Engin¬ 
eers  &  DBAs:  Analyze,  design, 
develop,  test  apps.  in  (A) 
Microsoft.Net  tech,  Oracle/SQL 
Server/Sybase  suites,  Java 
suite,  Weblogic,  Apache, 
COBOL;  (B)  Documentum,  ATG 
Dynamo,  Weblogic,  Java/Oracle 
suites  and  internet  security/e- 
commerce  analysis  (C)  Design, 
administer  and  maintain  data¬ 
bases  in  Sybase/SQL  Server 
and  Oracle.  Please  respond  to 
Attn:  Vipul  Goel,  NetAppI,  Inc., 
2415  San  Ramon  Valley  Blvd., 
Suite  4140,  San  Ramon,  CA 
94583.  EOE 


XAWARE,  Inc.,  a  software 
development  company  seeks  a 
Sr.  Software  Engineer  with 
expertise  in  developing  e-data 
exchange  applications,  for 
secure,  multi-user  large-scale 
systems.  B.Sc./Comp.  Sci.  with 
5  years  exp.  Experience  with 
J2EE,  Sybase  Application 
Server,  Corba,  and  IBM  XmlDiff 
highly  desirable.  Forward 
resume  to:  Attn:  Rohit  Mital, 
2060  Briargate  Parkway,  #150, 
Colorado  Springs,  CO  80920  or 
email  to  rmital@xaware.com 


Software  Engineer  to  design 
develops,  Implement  client  serv¬ 
er  applications  utilizing  SQL 
Server,  DB2,  and  Oracle  exper¬ 
tise.  Object-Oriented  Analysis 
and  Design  with  UML,  C++, 
Java,  SQL,  PL/1,  TERADATA. 
HTML,  XML,  XSLT,  NET  devel¬ 
opment.  Application  Program¬ 
ming,  Development  and  admin¬ 
istration  of  multiple  servers, 
Developed  and  Tuned  Data¬ 
bases  on  Unix  and  NT  Plat¬ 
forms.  Bachelor’s  degree  in 
engg.  Or  equivalent  five  or  more 
years  of  experience.  Send 
resume  to  Triton  Information 
Technologies  Inc  at  4  ORIOLE 
COURT,  PLAINSBORO,  NJ- 
08536. 


I 


Luckily,  We  Are  Too! 


itcareers.com  is  now  powered  by 
CareerJournal.com! 

Search  for  jobs  and  post  your  resume  here 
on  www.itcareers.com.  Check  us  out! 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Affordable  training  videos  on  CD 
MCSE,  MCDBA,  MCSD,  CCNA, 
Citrix,  Linux,  A+,  Net  + 


IPexpert,  Inc. 

(866)  225-8064 

www.ipexpert.com 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  IP  Telephony 
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NetWare  over  the  years 

Novell’s  flagship  operating  system  has  been  a  market  force  for  two  decades. 


Introduces  S-Net,  which 
let  users  share  printers. 

Releases  NetWare 
4.6,  one  of  the  first  to 
carry  NetWare  brand. 


Debuts 
NetWare  3, 

last  version 
to  use  the 
bindery. 


Microsoft  introduces 

Windows  NT  Server. 

NOS  market  share: 
NetWare  52.5% 
Windows:  6.3% 


Market  share:  NetWare  12% 
Windows  50.5%;  Linux  25% 


Market  share: 
NetWare  26.4% 
Windows  36% 


Open  Enterprise 
Server  is 

announced.  — , 


11983 

11984 

1 1985 

111989 

111993  | 

1 1 1995 

111997  11998  | 

1  12001 
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12004  1 

Releases  Advanced 
NetWare  2.0  for  Intel 
286  processors.  - 


Releases  NetWare  4,  which 
introduces  directory. 

Microsoft  introduces  Windows  NT 

and  LAN  Manager  1.0;  Linux  debuts. 


NetWare 

continued  from  page  1 

“NetWare  as  a  brand  is  gener¬ 
ally  positive  to  the  people  who 
use  it, and  its  sort  of  middie  of  the 
scale  to  people  who  don’t  know 
us,  sometimes  negative,  some¬ 
times  positive,”  says  Chris  Stone, 
Novell’s  vice  chairman,  office  of 
the  CEO.“lt’s  still  a  big  part  of  our 
revenue  —  it  keeps  the  lights  on.” 
NetWare  accounts  for  29%  of  the 
company’s  revenue. 

As  for  customers,  they  say  that 
Novell’s  strategy  of  using  Linux 
and  now  OES  as  a  migration  tool 
gives  them  an  out  for  what  many 
might  see  as  a  dated  operating 
system. 

“We  are  a  long-time  Novell  Net¬ 
Ware  usee” says  Anthony  Hill,  CTO 
for  Golden  Gate  University  in  San 
Francisco.  “We  are  doing  major 
technology  overhauls  across  the 
board  and  were  faced  with  stay¬ 
ing  with  NetWare,  which  has  be¬ 
come  more  of  an  island  over  time, 
or  moving  to  Windows,  which 
does  not  solve  any  of  our  goals. 

“For  me,  I’m  a  bit  neutral  on 


[OES]  because  at  the  end  of  the 
day  what  I  really  want  is  a  Linux- 
based  platform,”  Hill  says.“My  goal 
is  to  get  off  NetWare,  not  because 
there  are  any  inherent  issues  with 
it,  but  more  from  a  consolidation 
point  of  view!’  Hill  uses  Novell’s 
Nterprise  Linux  Services  1.0, 
GroupWise,  ZENworks  and 
eDirectory 

“What  I  am  looking  forward  to 
from  Novell  is  real  leadership  in 
the  Linux  and  open  source 
space,”  says  Dale  Llewellyn,  man¬ 
ager  of  global  information  ser¬ 
vices  for  SPX  in  Charlotte,  N.C. 

“Novell  is  the  largest  Linux  ven¬ 
dor  and  is  really  in  a  leadership 
position  to  influence  that  or 
break  it  apart  if  they  chose  to 
specialize  and  take  Linux  their 
way”  Llewellyn  uses  Nterprise 
Linux  Services  on  Red  Hat  Linux, 
eDirectory  and  ZENworks,  and  is 
migrating  away  from  NetWare  5. 1 . 

Users  say  that  part  of  Linux’s 
appeal  is  its  support  from  large 
systems  vendors  such  as  Dell,  HR 
IBM,  Oracle  and  now  Novell.  To 
boost  Novell’s  Linux  initiative,  HP 
announced  last  week  that  it 


would  factory-install  Novell’s 
SuSe  Linux  on  its  desktop  mach¬ 
ines.  IBM  also  announced  last 
week  that  it  would  offer  SuSe 
Linux  on  all  of  its  servers.  Gate¬ 
way  recently  announced  it  will 
also  pre-load  the  operating  sys¬ 
tem,  and  Dell  has  said  it  will  sup¬ 
port  the  Linux  distribution. 

“It  was  when  the  major  vendors 
started  supporting  Linux  that  it 
became  a  real  viable  option  to 
bet  our  enterprise  on,”  Hill  says. 
“Before  Novell  announced  their 


Nterprise  Linux  [Services],  we 
were  taking  a  hard  look  at  which 
way  to  go.  Did  we  stay  on  Net¬ 
Ware?  Did  we  move  to  Windows, 
to  Linux  or  Solaris?  What  is  good 
about  open  source  is  that  a  ven¬ 
dor  the  size  of  Novell  is  putting 
their  proven  management  tools 
on  top  of  what’s  now  a  proven 
open  source  operating  system.” 

Novell’s  new  initiatives  and 
acquisitions  are  part  of  a  broader 
Linux  revolution  that  is  putting 
pressure  on  Microsoft. 


Novell  ships  Novell  debuts 

NetWare  5,  NetWare  6.5,  the 

first  version  present  version, 

to  useTCP/IP. 

New  licensing  requirements 
have  angered  many  customers 
and  encouraged  them  to  look  for 
alternatives.  However,  a  study  by 
The  Yankee  Group  shows  the  cost 
of  migrating  from  Windows  to 
Linux  is  three  to  four  times  as 
much  as  upgrading  from  one 
Windows  version  to  another. 

Customers  who  have  migrated 
from  NetWare  to  Novell’s  first  iter¬ 
ation  of  Linux,  Nterprise  Linux 
Services,  have  not  found  this  to 
be  true  of  Linux. 

“The  support  and  maintenance 
cost  of  Linux  is  much  less  than  a 
Unix  or  proprietary  Windows- 
based  platform,”  says  Duwayne 
Anderson,  vice  president  of  infor¬ 
mation  services  and  technology 
for  general  contractor  Manhattan 
Construction  in  Houston.  “SuSe 
Linux  is  going  to  save  us  approxi¬ 
mately  7%  in  annual  mainte¬ 
nance  and  support  costs  year 
over  year,  which  will  reduce  our 
initial  acquisition  cost  by  40%. 

“The  implications  of  not  imple¬ 
menting  Novell’s  SuSe  would 
have  been  higher  annual  cost, 
higher  initial  acquisition  cost  and 
lock-in  to  a  single  proprietary 
solution,”  Anderson  says.  “That 
was  an  untertable  situation.” 

OES  is  expected  to  ship  by 
year-end.  It  will  go  into  a  public 
beta  by  late  fall. 

Senior  Editor  John  Fontana  con¬ 
tributed  to  this  report. 


More  online! 

Linux  is  gaining  ground,  but  where  is  the 
open  source  platform  best  used?  Network 
World  Senior  Editor  Jennifer  Mears 
discusses  where  IT  is  finding  the  most 
bang  for  their  Linux  buck. 
DocFinder  1331 


Challenge 

continued  from  page  1 

The  center  coordinates  how  vulnerabilities 
get  reported  and  fixed,  and  how  customers 
are  notified  of  those  security  updates. 

Toulouse  says  Microsoft’s  layered  approach 
to  supplying  relevant  security  update  informa¬ 
tion  can’t  be  simplified  much  because  its  cus¬ 
tomer  base  ranges  from  single  Windows  users 
to  large  enterprise  accounts. 

Microsoft  maintains  parallel  efforts  for  con¬ 
sumers  and  IT  staff,  both  in  terms  of  its  e-mail 
notification  services  and  on  its  Web  site. 
Consumers  can  find  information  at  www. 
microsoft.com/security,  while  IT  staffers  will 
need  to  hit  the  Microsoft  TechNet  Security 
Resource  Center  site  —  www.microsoft.com/ 
technet/security/. 

Toulouse  says  these  security  pages  are 
updated  constantly,  even  though  a  promi¬ 
nent  link  advertised  registration  for  a 
March  16  event  when  we  spoke  with  him 
on  March  24. 

We  pointed  out  that  while  Microsoft  num¬ 
bers  its  security  patches  in  a  specific  format 
—  MS  04-XXX  —  you  cannot  search  on  that 
format.  Furthermore,  the  company  does  not 
discern  between  original  and  updated  secur¬ 
ity  bulletins  in  its  overall  listings,  making  it 


Need  information!' 


*4  Who  no  you  sali  with  a  security  issue?  We  also 
challetiged  vendors  to  provide  a  standard  means 
of  contacting  them  regarding  security  issues.  Go 
online  to  find  a  list  of  contacts  for  each  vendor  at 
wvAvnwfusion.com,  DocFinder:  1335. 


difficult  to  ensure  you  have  the  most  recent 
patches  applied. 

We  also  encountered  a  bug  on  the  security 
patch  search  page  that  did  not  let  us  view  the 
security  update  listing  using  two  different, 
fully  patched  Windows  XP  Pro  machines  run¬ 
ning  Internet  Explorer.  We  logged  an  event 
error  with  the  support  team  but  had  not 
heard  back  from  them  at  press  time. 

Although  these  points  may  seem  trivial,  we 
argue  that  security  professionals  pressed  for 
time  need  things  organized  intuitively  to 
ensure  their  systems  are  properly  secured. 

Toulouse  acknowledges  each  of  these 
issues  and  says  he  would  report  them  to  the 
team  to  be  addressed. 

Apple,  Novell  and  Red  Hat  all  pointed  to 
what  they  called  centralized  security  pages  on 
their  sites. 

An  Apple  spokesman  pointed  to  www. 
apple.com/security  as  its  go-to  security  page. 
However,  there  is  no  link  to  this  central 
security  page  from  Apple’s  home  page.To  get 
information  on  vulnerabilities  and  patches, 
you  have  to  click  over  to  multiple  support 
pages. 

Novell  has  yet  to  merge  the  security  infor¬ 
mation  about  its  newly  acquired  SuSe 
Linux  operating  system,  so  a  spokesman 
pointed  us  to  two  separate  sites:  http://sup- 
port.novell.com/security-alerts  and  www. 
suse.com/security/.  That  means  searching 
for  vulnerabilities  across  Novell’s  product 
line  is  a  multi-step  process,  but  we  think 
Novell  will  remedy  that  once  it  has  fully 
integrated  the  SuSe  assets. 

Red  Hat  offers  a  central  security  resource 
center  link,  but  a  spokesman  pointed  us  to 
www.redhat.com/apps/support/errata/  as 
the  place  to  get  the  most-complete  security 
patch  information.  While  the  page  name  is 


certainly  not  intuitive,  we  found  this  site  to 
be  well  organized  by  product,  but  would  like 
to  see  a  vulnerability  search  tool  added. 

Tom  Golway,  CTO  of  IT-Defense,  a  firm  spe¬ 
cializing  in  risk-mitigation  consulting,  says 
vendors  could  do  more  to  customize  their 
security  interfaces.  He  points  to  Amazon, 
corn’s  ability  to  present  customized  informa¬ 
tion  based  on  a  customer’s  profile  as  a  pro¬ 
totype  for  pushing  the  right  patch  informa¬ 
tion  to  the  right  customers. 

‘All  of  these  companies  have  deep  knowl¬ 
edge  bases  of  security  vulnerabilities,  com¬ 
mon  configuration  errors  that  leave  you 
open  to  attack  and  bugs  that  break  applica¬ 
tions,”  Golway  says.  “They  are  just  a  small 
script  away  from  correlating  that  information 
to  specific  users’  environments.” 

All  vendors  were  quick  to  tout  their  existing 
and  future  automatic  update  processes  as  a 
development  that  could  reduce  the  impor¬ 
tance  of  disseminating  detailed  information 
about  security  updates  and  patches. 

While  auto  update  might  be  a  good  tool  for 
consumers,  no  company  of  size  is  going  to 
permit  auto  updating  without  testing  it  in  the 
lab  and  then  rolling  it  out  slowly. 

Additionally,  even  if  the  automatic  update 
mechanism  works  flawlessly,  enterprise  IT 
security  staffers  will  be  required  to  manually 
audit  the  updates  and  maintain  change  con¬ 
trol.  If  for  example  a  CERT  advisory  comes 
out,  you  would  want  to  be  able  to  go  to  the 
vendor  site  for  details  about  how  a  security 
update  addresses  the  advisory. 

While  all  four  vendors  defended  how  they 
are  currently  serving  up  security  information, 
all  also  added  the  caveat  that  they  are  open 
to  feedback  on  how  to  improve  the  process. 
Speak  up  and  help  convince  them  to  face 
this  challenge  head  on.H 
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McMillan 

continued  from  page  1 

McMillan  is  one  of  a  small 
band  of  high-tech  comedians  — 
others  include  Wayne  Cotter  and 
Dan  St.  Paul  —  who  use  their 
knowledge  of  IT  to  delve  into  the 
lighter  side  of  technology  Mc¬ 
Millan,  with  a  masters  degree  in 
engineering  from  Stanford  Uni¬ 
versity  and  a  resume  that  in¬ 
cludes  Bell  Labs  and  VLSI  Tech¬ 
nology  certainly  has  the  tech 
credentials. 

He  has  some  pretty  impressive 
comedy  credits  as  well  —  he 
won  the  $100,000  grand  champi¬ 
onship  on  Star  Search  in  1993 
and  has  appeared  on  television, 
in  movies  and  in  comedy  clubs 
across  the  country  You  also 


might  recognize  him  as  the 
“skunky  beer” guy  from  that 
series  of  Budweiser  commercials. 

He  concedes  that  making  a  cor¬ 
porate  audience  laugh  these 
days  is  tougher  than  it  was  before 
the  Internet  boom  went  bust. 

“My  task  has  changed.  From 
1995  to  1999, 1  was  brought  in  to 
help  celebrate. The  shows  were 
like  walking  on  air,  people  were 
in  such  a  good  mood,” he  says. 
After  the  bubble  burst, McMillans 
role  shifted  to  boosting  morale, 
cheering  up  the  troops.'its  more 
difficult. You’re  pushing  a  big 
rock  up  a  steep  hill,”  he  says. 

But  at  the  same  time,  he  feels 
that  it’s  more  important. When 
people  are  going  through 
tough  times, “you  need 
to  find  some  humor,  9 


and  hopefully  I  supply  that.  I’m 
filling  a  void,"  he  says. 

And  McMillan,  who  charges 
$12,500  per  appearance, says  he’s 
seeing  high-tech  companies  start 
to  bounce  back.  He  was  at  Info- 
Sec  World  last  week  in  Orlando 
and  at  a  Cisco  event  the  week 
before,  where  he  not  only  told 
jokes,  but  true  to  his  geek  her¬ 
itage,  sat  through  a  couple  of  ses¬ 
sions  on  routing  technology 
McMillan  says  he  went  from 
computer  bits  to  comedy  bits  in 
the  late  1980s,  when  clubs  were 
booming  in  the  Bay  Area.  Bitten 
by  the  comedy  bug,  McMillan 
wrote  5  minutes  of  material  and 
showed  up  at  open  mic  night  at 
Captain  Cook’s  Seafood 
and  Comedy  Club  in 
San  Jose.  But  he  did¬ 


n’t  go  on  stage  right  away 

“As  any  good  engineer  would,  1 
watched  and  studied  for  a 
month,”  he  says.  He  saw  that 
about  one-quarter  of  the  comics 
were  funny  which  meant  three- 
quarters  weren’t.  He  figured, “I 
can  at  least  be  as  unfunny  as 
they  are,” so  he  took  his  5  min¬ 
utes  of  material  and  went  on. 

“It  was  kind  of  surreal,”  Mc¬ 
Millan  says.“But  actually  I  was 
pretty  funny  I  told  original  jokes, 
and  half  of  them  worked.” 

Most  comics  take  a  skewed 
view  of  the  world  in  one  fashion 
or  another.  McMillan’s  observa¬ 
tions  are  based  on  his  tech  back- 
ground:“I  have  the  advantage  of 
being  an  engineer  and  looking 
at  the  world  logically.  For  exam¬ 
ple,  why  does  Bill  Gates,  who  is 
worth  $40  billion, still  have  eye¬ 
glasses?  He  has  so  much  money 
he  can  make  the  rest  of  the 
world  out  of  focus.” 

Speaking  of  Gates,  McMillan  is 
often  asked  to  write  material  for 
corporate  executives.  On  one 
occasion,  Dell  asked  McMillan  to 
write  a  skit  for  CEO  Michael  Dell 
and  Gates,  who  was  appearing  at 
an  event  for  the  computer 
maker.  McMillan  had  Dell  sitting 
behind  a  desk,  interviewing  job 
candidates.  Gates  was  supposed 
to  come  on  stage  as  the  job 
applicant,  and  Dell  was  sup¬ 
posed  to  examine  Gates’  resume 
and  says  things  like, “Oh,  I  see 
you  dropped  out  of  college  . . .’’ 
But  Gates  decided  not  to  play 
along,  McMillan  says. 

He  has  another  connection  to 
Gates,  because  his  act  relies  on 
about  25  PowerPoint  slides  that 
graph  everything  from  his  drink¬ 
ing  habits  over  time  to  the  differ¬ 
ent  paths  he  and  his  wife  take 
when  shopping  at  a  mall.  (Mc¬ 
Millan  goes  straight  in  and  out; 


his  wife  zigzags  all  over  the 
place.) 

McMillan  says  he’s  weathered 
one  or  two  glitches  over  the 
years.“Just  last  week  at  the  Im- 
prov  in  San  Jose  in  the  middle  of 
my  act  Norton  Anti-Virus  fires 
up,”  he  says. 

A  few  months  ago,  McMillan 
was  performing  at  a  Documen- 
tum  conference.  His  slides  were 
written  in  an  Office  2000  version 
of  PowerPoint  that  for  some  rea¬ 
son  wasn’t  totally  compatible 
with  the  Office  version  running 
at  the  show.  “The  builds  were  in 
all  the  wrong  places,  I  was  get¬ 
ting  half  a  sentence  at  a  time,”  he 
says.  Luckily  it  wasn’t  a  Microsoft 
audience,  and  the  laughs  only 
got  bigger. 

McMillan  appears  regularly  at 
places  such  as  the  Improv  in 
San  Jose  and  J.R.’s  Comedy  Club 
in  Valencia,  Calif. 

Randy  Lubas,  the  manager  at 
J.R.’s,  says, “Don  draws  a  mixed 
crowd.  He  does  get  a  lot  of 
geeks  and  nerds.  He  does  some 
of  his  nerdiest  material  at  J.R’s, 
and  it  always  goes  over  very 
well.  We  enjoy  getting  the  nerds 
that  Don  brings  in  because  they 
very  seldom  start  fights,  and 
most  of  them  earn  more  than 
$100,000  a  year.  That  is  a  nice 
combination.” 

Lubas  adds  that  he  admires 
the  comedian  for  keeping  his 
act  clean. 

McMillan,  whose  comic  heroes 
are  Bill  Cosby  Steve  Martin  and 
Johnny  Carson,  is  proud  of  the 
fact  that  he  works  clean.  But 
there  is  one  subject  area  that’s 
taboo.“You  don’t  say  the  words 
‘dot.com’  anymore. You  just 
don’t.”  ■ 

Get  more  information  online. 
DocFinder:  1336 
www.nwfusion.com 


Geeky  giggles 


A  sampling  of  Don  McMillan’s  material  from  his 
performance  at  last  week’s  InfoSec  World  show 
in  Orlando. 


•  He  looked  out  into  his  audience  scattered 
through  the  room  and  said,  “You  look  like  M. 
an  undefragmented  drive.” 

•  “I’m  wearing  a  tie  with  the  chemical 
elements  on  it.  I  only  wear  it 
periodically." 

•  He  gave  the  audience  a  binary  high- 
five  by  holding  up  one  finger,  then 
none,  then  one. 

•  His  definition  of  a  nanosecond: 

“The  amount  of  time  to  say  ‘no,’  when 
your  wife  asks,  ‘Do  I  look  fat?”’ 

•  His  definition  of  an  IP  address:  the 
location  of  your  bathroom. 

•  Proof  of  relativity:  “When  you're  with 
your  wife's  relatives,  time  slows  down." 

•What’s  an  enterprise  server?  “A 
waiter  on  StarTrek.” 
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Q1  Labs  revises  security  mgmt.  system 


■  BY  DENISE  DUBIE 

Q1  Labs  this  week  will  announce  upgraded  soft¬ 
ware  that  is  designed  to  let  companies  classify  net¬ 
work  security  threats  and  prioritize  alerts  based  on 
that  data. 

The  company’s  QRadar  software,  formerly  called 
QVision,  and  now  on  Version  3.0,  is  designed  to 
spot  internal  security  problems,  compliance  vio¬ 
lations  or  attacks  that  have  slipped  by  the  network 
perimeter. 

A  new  management  console  summarizes  alerts, 
based  on  pre-defined  policies,  which  can  correlate 
network  events  against  metrics  such  as  time  of  day 
and  origin  server.  The  console  consolidates  events 
that  could  represent  threats,  such  as  denials  of  ser¬ 
vice,  worms  or  Web-based  intrusions. 

QRadar  watches  network  traffic  flows  to  establish 


a  baseline  of  normal  network  behavior.  Q1  agents 
running  on  servers  passively  monitor  spanning 
ports  on  network  switches  and  send  data  about 
anomalies  to  a  classification  engine,  which  sits  on 
one  or  more  servers.  The  classification  engine 
compares  the  data  with  modeled  behavior  and 
identifies  it  as  a  possible  internal  threat,  policy  vio¬ 
lation  or  external  breach.  Alerts  are  sent  to  the 
management  console,  from  where  network  man¬ 
agers  can  take  action. 

Q1  competes  with  companies  such  as  Arbor 
Networks  and  Mazu  Networks,  though  more  estab¬ 
lished  players  such  as  NetScreen  Technologies  also 
are  likely  to  join  the  fray  soon,  says  Jon  Oltsik,  a 
senior  analyst  of  information  security  at  Enterprise 
Strategy  Group. 

Q1  says  it  plans  to  ship  QRadar  3.0  within  30  days. 
Pricing  starts  at  $25,000.  ■ 
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Offshoring  for  the  right  reasons 


“ [Offshoring]  fundamentally  reduces 
the  cost  of  goods  and  services  for 
Americans.  ...If  I  can  get  my  tax 
return  prepared  for  less  money 
because  the  offshore  labor  is  cheaper 
than  the  domestic  labor,  then  as  an 
American  consumer,  I’m  better  off.' 

Marc  Andreessen,  chairman  of 
Opsware  ( Atlanta  Journal-Constitution,  March  23) 

You’ve  got  to  love  it: The  browser  wunderkind  Marc 
Andreessen  supporting  offshoring  with  one  of  the 
lamest  examples  I  can  think  of. 

To  say  Andreessen  is  naively  positive  about  off¬ 
shoring  is  an  understatement  —  check  out  the  tran¬ 
script  of  Andreessen  on  “Lou  Dobbs  Tonight" 
(appearing  after  the  interview  with  Vicente  Fox)  at 
www.nwfusion.com,  DocFinder:  1333. 

Consider  the  risks.  Would  you  want  your  personal 
data  to  be  sitting  in  a  database  in  India  or  wherever, 
protected  by  privacy  laws  that  might  or  might  not 
apply  to  you?  I  didn’t  think  so.  It  just  isn’t  that  simple. 

Anyway  Andreessen  has  little  need  to  worry  about 
the  cost  of  getting  his  tax  returns  prepared  —  he  is  a 
multimillionaire  who  made  his  money  by  creating 
companies  (Netscape  and  now  Opsware)  that  made 
money  for  him  but  not  for  investors.  But  I  digress  . . . 

If  anything  is  likely  to  discredit  offshoring  I  think 


Andreessen’s  naive  support  along  with  the  political 
furor  surrounding  the  topic  could  well  do  the  job. 

But  let’s  be  clear:  Offshoring  is  simply  an  economic 
consequence  of  the  high  cost  of  skilled  labor  at 
home  compared  with  the  low  cost  of  skilled  labor 
elsewhere,  and  therefore  it  can  be  an  opportunity  to 
save  money  Note  though,  that  I  said  “can  be.” 

For  certain  jobs  offshoring  could  well  be  a  good 
solution.  But  when  offshoring  is  used  to  save  money 
and  at  the  same  time  degrades  critical  business 
attributes  such  as  quality,  reliability  integrity  and 
security  then  it  is  not  just  a  bad  solution,  it  can  easily 
become  a  financial  and  PR  disaster. 

Why  do  you  think  Dell  pulled  its  offshored  corpo¬ 
rate  support  services  back  to  the  U.S.  from  India  at 
the  end  of  last  year?  Because  it  was  a  bad  idea  that 
simply  didn’t  work.  It  is  hard  enough  to  run  a  good 
support  center  at  home  let  alone  run  one  that  is 
thousands  of  miles  away  in  another  country  where 
the  support  representatives  are  hard  to  understand. 

As  another  aside  1  can’t  for  the  life  of  me  figure  out 
why  Dell  didn’t  just  quietly  make  the  transition  from 
offshoring  corporate  support  to,  er,  on-shoring  it 
again.  Considering  how  much  negative  publicity  off¬ 
shoring  has  received  and  how  much  criticism  Dell’s 
offshoring  attracted,  wouldn’t  offshoring  have  been  a 
topic  you’d  have  thought  the  company  would  want 
to  avoid  talking  about? 


Unfortunately  for  the  hoi  polloi  Dell  only  pulled 
back  corporate  support,  leaving  consumers  to  deal 
with  foreign  support  representatives  whose  training 
in  problem  solving  apparently  involves  laboriously 
and  mechanically  tracing  a  fault  tree  to  its  bitter  end 
—  an  approach  that  can  be  done  as  badly  here  as 
anywhere  else  just  more  expensively 
The  fact  is  that  offshoring  can  work  and  work  well 
if  you  are  going  to  use  it  appropriately,  for  example, 
to  do  data  entry  or  develop  highly  structured,  well- 
defined  code  over  a  long  period.  But  try  offshoring 
development  of  even  moderately  sophisticated  sys¬ 
tems  and  you  are  more  likely  than  not  going  to  be 
dreadfully  disappointed.  And  out  of  pocket. 

My  point  is  that  offshoring  is  neither  the  threat  to 
life,  liberty  and  the  pursuit  of  happiness  that  some 
pundits  and  many  politicians  would  have  you 
believe,  nor  is  it  some  kind  of  wonderful  general 
solution  to  cost  cutting  that  the  other  pundits  and 
Andreessen  would  have  you  believe. 

As  with  an  outsourcing  deal,  offshoring  should  be 
used  as  a  solution  to  appropriate  problems.  When 
you  apply  offshoring  to  the  wrong  problems,  off¬ 
shoring  can  easily  become  a  major  liability 
Let  Andreessen  have  his  taxes  prepared  in  India  or 
wherever.  I’ll  have  mine  prepared  right  here. 

Offshore  your  thoughts  to  backspin@gibbs.com. 
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By  Paul  McNamara 
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Readers  get  another  turn 

It’s  time  to  apply  a  little  spring  clean¬ 
ing  to  the  e-mail  in-box. 

A  suggestion  here  that  punitive  measures  might  help  deter  the  sloppy  e-mail 
practices  that  spread  most  viruses  drew  mixed  reaction. 

"Tempting  as  it  may  sound,  I  don’t  think  the  anti-virus  thrust  should  be  to 
punish  our  user  community;  we  don’t  punish  people  for  being  robbed  or 
assaulted,"  Vic  Graham  writes.  "Sure,  there  are  always  a  few  users  an  admin¬ 
istrator  would  like  to  ‘whack’  a  bit,  but  the  vast  majority  will  do  their  best  to 
avoid  activating  a  virus  in  their  LAN  or  WAN.  What  I  think  is  important  is  to  be 
patient  and  keep  informing  your  users  about  how  to  react  to  e-mail  that  doesn’t 
look  right  or  that  doesn’t  seem  to  have  anything  to  do  with  their  normal  work.” 

Others  weren't  even  tempted  to  knock  heads. 

"Your  opinions  on  this  are  way  out  of  line,”  offers  a  reader  who  asked  that  his 
name  be  withheld.  "I’ve  got  a  better  idea.  Let’s  punish  the  software  vendor 
every  time  someone  exploits  a  hole  or  bug  in  the  code  they  rented  to  us.  And 
the  ‘how’  is  easy;  send  them  one  less  boxcar  full  of  money." 

Another  reader  wants  me  to  walk  a  mile  in  the  user's  shoes. 

"What  if  a  virus  is  so  clever  that  even  Network  World  writers  are  fooled  into 
infecting  their  own  networks?"  Charles  Ashbacher  asks.  “In  other  words,  what 
punishment  would  you  be  willing  to  self-inf lict?” 

There  must  be  something  in  the  First  Amendment  that  will  get  me  out  of  that 
one. 

A  column  that  dumped  all  over  Plaxo  and  similar  contact-update  services 
was  mud:  less  controversial:  Virtually  everyone  who  wrote  hates  these  annoy¬ 
ing  requests,  too. 

"Thanks  for  the  great  article  about  Plaxo,”  Steve  Finney  offers.  “You  con¬ 
vinced  me  that  I  made  the  right  move  by  deleting  Plaxo  from  my  system  about 


a  month  ago.” 

My  favorite  recent  e-mail  artfully  undercuts  a  spammer  trick  that  attempts 
to  skirt  the  new  CAN-SPAM  law  by  exploiting  a  provision  that  exempts 
e-mail  whose  primary  purpose  is  not  commercial.  One  example  of  this  spam 
genre  tells  recipients:  “The  primary  purpose  of  this  e-mail  is  to  deliver  you  a 
‘Crazy  USA  State  Law  of  the  Week,'”  and  then  contends  that  Massachusetts 
prohibits  the  use  of  tomatoes  in  clam  chowder.  I  admitted  not  knowing 
whether  the  chowder  business  is  true  or  not,  an  omission  that  did  not  sit  well 
with  one  reader. 

“I  used  the  Mass.  General  Laws  search  engine  (go  to  www.nwfusion.com, 
DocFinder:  1341)  to  look  for  ‘clam,’  ‘chowder’  and  ‘tomato’  or  ‘tomatoes,’" 
writes  Walt  Crosby,  executive  vice  president  atTerabase  in  Danvers,  Mass. 
"The  word  chowder  is  never  referred  to  at  all. Tomatoes  are  referred  to  in 
terms  of  measuring  quantities  at  roadside  stands.  Clams  are  mentioned  in 
terms  of  valid  weights  and  measures,  and  in  the  definition  of  what  a  clam  is  for 
the  purposes  of  wildlife  protection.  But  there  is  no  prohibition  against  toma¬ 
toes  in  clam  chowder.” 

“I  guess  the  e-mail  was  really  just  spam  after  all,”  Crosby  concludes. 

I  guess  a  tiny  bit  of  actual  reporting  might  have  led  me  to  the  same  conclu¬ 
sion  in  time  for  that  first  column. 

Another  medical  leave 

Regular  readers  might  recall  that  a  heart  attack  just  before  Christmas  kept 
me  from  filling  this  spot  for  a  spell.  In  the  course  of  treating  me,  doctors  also 
discovered  an  unrelated  problem  that  will  require  surgery  April  7  and  keep  me 
away  for  another  stretch.  Between  now  and  then  I'm  sneaking  in  a  vacation. 
Colleagues  Adam  Gaffin  and  Melissa  Shaw  will  take  turns  being  your  guide 
here  from  next  week  until  I  return. 

Feel  free  to  write  in  the  meantime.  The  address  is  buzz@nww.com. 
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The  Journey  of  the  Leader  in  Layer  4--V  Load  Balancing  Switches 

Performance.  Intelligence.  Security.  Price. 


Serverlron  -when  it  comes  to  Layer  4-7  load  balancing,  there  is  no  summit! 
Just  a  continuous  journey.  Foundry’s  Serverlron  switches  continue  to  be  the  trailblazer 
tor  server  scalability  with  one  accomplishment  after  another.  Serverlron  switches  protect 
servers  against  denial  o  service  attacks,  improve  server  scalability. and  vastly  enhance  server 
reliability.  Serverlron  makes  it  easy  to  manage  all  your  networked  applications  and  improve 
user  response  time  while  eliminating  application  downtime.  It's  the  industry  leader  in 
performance,  intelligence,  security,  and  price.  So  it's  no  coincidence  that  Serverlron  is  the 
product  of  choice  for  the  world's  largest  and  most  demanding  customers.  Visit  us  today  at 
www.loiiliclrynetworks.coin/si.  ( )r  call  I  .888. 1  UR1JOLAN  (1 .888.887.2652). 
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The  Power  of  Performance 
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YOUR 


Sun  Java*  Enterprise  System 


Everything  you  need  to  run  your  business.  Email,  instant  messaging,  calendar,  application  server, 
portals,  network  identity,  clustering,  web  server,  security,  enterprise  messaging,  interoperability,  web 
service  delivery,  directory,  firewalls,  streaming  video,  grid  computing  and  more  -  all  for  a  single 
price  of  $  100/employee/year,1  with  an  unlimited  right  to  use.  All-inclusive,  no  hidden  costs.  Software, 

service  and  support  included.  Our  bet  is  that  you  never  spend  too  much  on  IT  again. 

Purchase  a  subscription  to  the  Java  Enterprise  Developer  Promotion  and  get  a  free  Sun  Fire  V20z 
AM  D  Opteron -based  server  today.2 
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THE  BLUEPRINT  IN  THE  BACKGROUND  OEMON STRATUS  THE  WORLD-CLASS  SOFTWARE  INFRASTRUCTURE 
AND  ARCHITECTURE  OF  THE  SUN  JAVA-ENTERPRISE  SYSTEM:  TODAY.  5Q  COMPANIES  ARE-USING  THE 

STEW  ED  DELIVER  NETWORK  SERVICES  TO  OVER  110,000  ENTERPRISE^ EMPLOYEES 
SIR, CUSTOMERS  WHILE  SLASHING  ITCOSTS. 
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“  DUT  HOW  MUCH  YOU  CAN 
AND  HOW  MUCH  YOU  CAN  SAVE  AT: 
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The  Network  is  the  Computer 
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LIST  PRICE.  Ati  PRICES  ARE  QUOTED  IN  US.  DOLLARS  2.  OFFER  VALID  IN  THE  U  S  AND  THROUGH  SUN  STORE  ONLY  PROMOTION  VALID  THROUGH  JUNE  30  2004  FOR  A  LIMITED  TIME  ONLY.  GET  THE  JAVA  ENTERPRISE  DEVELOPER  PROMOTION. 
OJEL $70QP.  FOR  ONLY  (JS-S1499  PER  YEAR  FOR  A  3-YEAR  SUBSCRIPTION.  SEE  WEBSITE  FOR  DETAILS. 

SYSTEMS.  I  Nib.  ALL  RIGHTS  RESERVED.  SUN,  SUN  MICROSYSTEMS,  THE  SUN  LOGO.  JAVA.  THE  JAVA  LOGO.  SUN  FIRE  AND  THE  NETWORK  IS  THE  COMPUTER  ARE  TRADEMARKS  OR  REGISTERED  TRADEMARKS  OF  SUN  MICROSYSTEMS  INC.  IN 

■ATES  AMD  OTHER  COUNTRIES. 


